Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
help desk vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-16961
SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name.
Solarwinds Web Help Desk 12.7.0
5.4
CVSSv3
CVE-2019-16954
SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket.
Solarwinds Web Help Desk 12.7.0
5.4
CVSSv3
CVE-2019-16960
SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template file with a crafted Location Name field.
Solarwinds Web Help Desk 12.7.0
NA
CVE-2009-4047
Multiple cross-site scripting (XSS) vulnerabilities in PHD Help Desk 1.43 allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO to area.php; the (2) pagina, (3) sentido, (4) q_registros, and (5) orden parameters to area.php; (6) the q_registros...
P-hd Phd Help Desk 1.43
6 EDB exploits
NA
CVE-2006-6160
SQL injection vulnerability in details.asp in Doug Luxem Liberum Help Desk 0.97.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Doug Luxem Liberum Help Desk 0.97.3
1 EDB exploit
9.8
CVSSv3
CVE-2021-24741
The Support Board WordPress plugin prior to 3.3.4 does not escape multiple POST parameters (such as status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id) before using them in SQL statements, leading to SQL injections which are exploitable ...
Schiocco Support Board - Chat And Help Desk
1 Github repository
5.4
CVSSv3
CVE-2018-18373
In the Schiocco "Support Board - Chat And Help Desk" plugin 1.2.3 for WordPress, a Stored XSS vulnerability has been discovered in file upload areas in the Chat and Help Desk sections via the msg parameter in a /wp-admin/admin-ajax.php sb_ajax_add_message action.
Schiocco Support Board - Chat And Help Desk 1.2.3
NA
CVE-2013-3577
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote malicious users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field).
Wave Embassy Remote Administration Server -
Wave Embassy Remote Administration Server Help Desk -
NA
CVE-2013-3578
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution...
Wave Embassy Remote Administration Server -
Wave Embassy Remote Administration Server Help Desk -
NA
CVE-2006-6158
Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help Desk 2.4, formerly (b) InverseFlow Help Desk 2.31 and also sold as (c) Ace Helpdesk 2.31, allow remote malicious users to inject arbitrary web script or HTML via the (1) id or email parameter to ticketview.php, ...
Ace Helpdesk Ace Helpdesk 2.3.1
Inverseflow Help Desk 2.31
Pmos Helpdesk Pmos Helpdesk 2.4
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »