2009-03-06 18:00:00
mitre
PUBLISHED
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that arent standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.