SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter.Referenceshttp://www.securityfocus.com/bid/7609http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0070.htmlhttp://marc.info/?l=bugtraq&m=105302025601231&w=2
