Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
help desk vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2015-2993
SysAid Help Desk prior to 15.2 does not properly restrict access to certain functionality, which allows remote malicious users to (1) create administrator accounts via a crafted request to /createnewaccount or (2) write to arbitrary files via the fileName parameter to /userentry.
Sysaid Sysaid
1 EDB exploit
7.5
CVSSv2
CVE-2013-3577
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote malicious users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field).
Wave Embassy Remote Administration Server -
Wave Embassy Remote Administration Server Help Desk -
7.5
CVSSv2
CVE-2009-2604
Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help Desk 2.1 allow remote malicious users to execute arbitrary SQL commands via the (1) userid (aka username) and (2) PassWord parameters to admin.asp.
Zenhelpdesk Zen Help Desk 2.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-6550
form.php in PMOS Help Desk 2.4 and previous versions sends a redirect to the web browser but does not exit, which allows remote malicious users to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
Pmos Helpdesk Pmos Helpdesk
1 EDB exploit
7.5
CVSSv2
CVE-2007-4716
Multiple SQL injection vulnerabilities in PHD Help Desk prior to 1.31 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Phd Help Desk
7.5
CVSSv2
CVE-2006-6160
SQL injection vulnerability in details.asp in Doug Luxem Liberum Help Desk 0.97.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Doug Luxem Liberum Help Desk 0.97.3
1 EDB exploit
7.5
CVSSv2
CVE-2006-6161
Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id and (2) uid parameter to (a) inout/status.asp, (b) inout/update.asp, and (c) forgotpass.asp. NOTE: The...
Doug Luxem Liberum Help Desk
7.5
CVSSv2
CVE-2005-4628
SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and previous versions allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Help Desk Point Software Helpdeskpoint
7.5
CVSSv2
CVE-2005-4025
Help Desk Reloaded Free Help Desk does not remove or protect install.php once installation is complete, which allows remote malicious users to gain privileges via a direct request to install.php, then navigating to accountsetup.php and creating a new user.
7.5
CVSSv2
CVE-2005-1839
Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) view.asp or (2) print.asp or (3) edit parameter to register.asp.
Liberum Liberum Help Desk 0.97.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »