GCVE - cpe:2.3:a:idevspot:isupport:1.8:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:idevspot:isupport:1.8:*:*:*:*:*:*:*

part: a version: 1.8 update: *

Vendor	Idevspot (`3748d798-9f9f-5bbb-8b68-cff0780e7ddc`)
Product	Isupport (`012e4570-8d8d-5182-8c6d-522e0b662902`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-5326`	vulnerable	2026-06-08 05:02:56.188672	Details available Cross-site request forgery (CSRF) vulnerability in admin/function.php in IDevSpot iSupport 1.x allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via an administrators action. Published: 2012-10-08T20:00:00.000Z Updated: 2024-08-06T21:05:46.661Z Open on db.gcve.eu Reference links http://www.exploit-db.com/exploits/18404 https://exchange.xforce.ibmcloud.com/vulnerabilities/72611	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-6539`	vulnerable	2026-06-08 04:50:09.052558	Details available PHP local file inclusion vulnerability in index.php in IDevspot iSupport 1.8 allows remote attackers to include local files via the include_file parameter. Published: 2007-12-27T23:00:00.000Z Updated: 2024-08-07T16:11:05.983Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/26961 http://securityreason.com/securityalert/3488 http://www.securityfocus.com/archive/1/485392/100/0/threaded http://osvdb.org/39801 https://exchange.xforce.ibmcloud.com/vulnerabilities/39184	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-4884`	vulnerable	2026-06-08 04:49:19.145929	Details available Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSupport 1.8 allow remote attackers to inject arbitrary web script or HTML via (1) the suser parameter in support/rightbar.php, (2) the ticket_id parameter in support/open_tickets.php, and (3) the cons_page_title parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. Published: 2006-09-19T21:00:00.000Z Updated: 2024-09-17T04:15:16.775Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/19963	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.