Aggregates CVE and security vulnerability intelligence across all liberum-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting and vendor risk sql injection and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-6057 | Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request. | [email protected] | 5.0 | 4.49% | 2009-02-04 | 2026-04-23 |
| CVE-2005-1839 | Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.asp or (2) print.asp or (3) edit parameter to register.asp. | [email protected] | 7.5 | 0.58% | 2005-06-02 | 2026-04-16 |
| CVE-2005-1838 | Multiple cross-site scripting vulnerabilities in castnewPost.asp in Liberum Help Desk 0.97.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Email, (2) Title, or (3) Description fields. | [email protected] | 5.0 | 0.35% | 2005-06-02 | 2026-04-16 |