CVE-2005-2461

Published: Dec 31, 2005Modified: Apr 16, 2026

6.4

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability: 10.0 / Impact: 4.9

Source: NVD

Description

Multiple SQL injection vulnerabilities in the calendar feature in Kayako liveResponse 2.x allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) date parameter.

Affected (1)

Products: Kayako: Liveresponse

Kayako

1 product

Liveresponse

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kayako Liveresponse	Version 2.0

References (10)

http://marc.info/?l=bugtraq&m=112274359718863&w=2

Source: cve@mitre.org

http://secunia.com/advisories/16286

Source: cve@mitre.org

Vendor Advisory

http://www.gulftech.org/?node=research&article_id=00092-07302005

Source: cve@mitre.org

http://www.osvdb.org/18396

Source: cve@mitre.org

http://www.securityfocus.com/bid/14425

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=112274359718863&w=2