Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
help desk vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-32076
Access Restriction Bypass via referrer spoof exists in SolarWinds Web Help Desk 12.7.2. An attacker can access the 'Web Help Desk Getting Started Wizard', especially the admin account creation page, from a non-privileged IP address network range or loopback address by i...
Solarwinds Web Help Desk
8.8
CVSSv3
CVE-2021-43609
An issue exists in Spiceworks Help Desk Server prior to 1.3.3. A Blind Boolean SQL injection vulnerability within the order_by_for_ticket function in app/models/reporting/database_query.rb allows an authenticated malicious user to execute arbitrary SQL commands via the sort param...
Spiceworks Help Desk Server
NA
CVE-2005-4628
SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and previous versions allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Help Desk Point Software Helpdeskpoint
NA
CVE-2009-1261
Multiple cross-site scripting (XSS) vulnerabilities in Web Help Desk 9.1.22 (evaluation version) allow remote malicious users to inject arbitrary web script or HTML via the (1) Report Name, (2) Asset No., and (3) Full Name fields in a Models action. NOTE: the provenance of this i...
Webhelpdesk Web Help Desk 9.1.22
NA
CVE-2006-6161
Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id and (2) uid parameter to (a) inout/status.asp, (b) inout/update.asp, and (c) forgotpass.asp. NOTE: The...
Doug Luxem Liberum Help Desk
NA
CVE-2008-6057
Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote malicious users to obtain passwords via a direct request.
Liberum Liberum Help Desk 0.97.3
1 EDB exploit
NA
CVE-2005-1839
Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) view.asp or (2) print.asp or (3) edit parameter to register.asp.
Liberum Liberum Help Desk 0.97.3
5.4
CVSSv3
CVE-2019-16954
SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket.
Solarwinds Web Help Desk 12.7.0
5.4
CVSSv3
CVE-2019-16961
SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name.
Solarwinds Web Help Desk 12.7.0
5.4
CVSSv3
CVE-2019-16956
SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket.
Solarwinds Web Help Desk 12.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »