** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in HelpDeskZ 1.0.2. The feature to auto-login a user, via the RememberMe functionality, is prone to SQL injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26546
Reference (s):
- https://excellium-services.com/cert-xlm-advisory/CVE-2020-26546/