2005-11-05 11:00:00
mitre
PUBLISHED
attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter.