MyHelpDesk 20020509 - SQL Injection
source: https://www.securityfocus.com/bid/4971/info
It is reported that MyHelpDesk (version 20020509 and earlier) are vulnerable to SQL injection attacks.
Data supplied by the remote user, via CGI parameters, is used directly as part of SQL statements. As input sanitization is not properly performed, it is possible to modify the logic of a SQL query.
http://[TARGET]/supporter/index.php?t=detailticket&id=root%20me