Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cerberus cerberus helpdesk 3.2.1 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-6366
Cross-site scripting (XSS) vulnerability in includes/elements/spellcheck/spellwin.php in Cerberus Helpdesk 0.97.3, 2.0 up to and including 2.7, 3.2.1, and 3.3 allows remote malicious users to inject arbitrary web script or HTML via the js parameter. NOTE: The provenance of this i...
Cerberus Helpdesk 0.97.3
Cerberus Helpdesk 2.0
Cerberus Helpdesk 2.7.1
Cerberus Helpdesk 3.2.1
Cerberus Helpdesk 2.4
Cerberus Helpdesk 2.5
Cerberus Helpdesk 2.1
Cerberus Helpdesk 2.2
Cerberus Helpdesk 2.3
Cerberus Helpdesk 3.2.317
Cerberus Helpdesk 3.3
Cerberus Helpdesk 2.6.1
Cerberus Helpdesk 2.7
1 EDB exploit
5
CVSSv2
CVE-2008-6440
Cerberus Helpdesk prior to 4.0 (Build 600) allows remote malicious users to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.
Webgroupmedia Cerberus Helpdesk 2.7
Webgroupmedia Cerberus Helpdesk
Webgroupmedia Cerberus Helpdesk 0.97.3
Webgroupmedia Cerberus Helpdesk 3.2.1
Cerberus Cerberus Helpdesk 2.5
Webgroupmedia Cerberus Helpdesk 2.6.1
Webgroupmedia Cerberus Helpdesk 2.2
Webgroupmedia Cerberus Helpdesk 2.0
Webgroupmedia Cerberus Helpdesk 2.3
Webgroupmedia Cerberus Helpdesk 2.7.1
Webgroupmedia Cerberus Helpdesk 2.649
Webgroupmedia Cerberus Helpdesk 2.1
Webgroupmedia Cerberus Helpdesk 2.4
Webgroupmedia Cerberus Helpdesk 3.2
5
CVSSv2
CVE-2006-5428
rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote malicious users to bypass the GUI login and obtain sensitive information (ticket data) via a direct request.
Cerberus Cerberus Helpdesk 3.2.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started