form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-12-28T00:00:00
Updated: 2017-09-28T12:57:01
Reserved: 2007-12-27T00:00:00
Link: CVE-2007-6550
JSON object: View
NVD Information
Status : Modified
Published: 2007-12-28T00:46:00.000
Modified: 2017-09-29T01:29:59.190
Link: CVE-2007-6550
JSON object: View
Redhat Information
No data.
CWE