Kayako Liveresponse vulnerabilities
4 known vulnerabilities affecting kayako/liveresponse.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM3LOW1
Vulnerabilities
Page 1 of 1
CVE-2005-2461P4MEDIUMCVSS 6.4PoCv2.02005-12-31
CVE-2005-2461 [MEDIUM] CVE-2005-2461: Multiple SQL injection vulnerabilities in the calendar feature in Kayako liveResponse 2.x allow remo
Multiple SQL injection vulnerabilities in the calendar feature in Kayako liveResponse 2.x allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) date parameter.
nvd
CVE-2005-2460P4MEDIUMCVSS 5.8PoCv2.02005-12-31
CVE-2005-2460 [MEDIUM] CVE-2005-2460: Multiple cross-site scripting (XSS) vulnerabilities in Kayako liveResponse 2.x allow remote attacker
Multiple cross-site scripting (XSS) vulnerabilities in Kayako liveResponse 2.x allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter or (2) name field when entering a session or sending a message.
nvd
CVE-2005-2462P4LOWCVSS 2.1v2.02005-12-31
CVE-2005-2462 [LOW] CVE-2005-2462: Kayako liveResponse 2.x, when logging in a user, records the password in plaintext in the URL, which
Kayako liveResponse 2.x, when logging in a user, records the password in plaintext in the URL, which allows local users and possibly remote attackers to gain privileges.
nvd
CVE-2005-2463P4MEDIUMCVSS 6.4v2.02005-12-31
CVE-2005-2463 [MEDIUM] CVE-2005-2463: Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request
Kayako liveResponse 2.x allows remote attackers to obtain sensitive information via a direct request to addressbook.php and other include scripts, which reveals the path in an error message.
nvd