Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
help desk vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2015-3001
SysAid Help Desk prior to 15.2 uses a hardcoded password of Password1 for the sa SQL Server Express user account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password.
Sysaid Sysaid
1 EDB exploit
755
VMScore
CVE-2007-6550
form.php in PMOS Help Desk 2.4 and previous versions sends a redirect to the web browser but does not exit, which allows remote malicious users to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
Pmos Helpdesk Pmos Helpdesk
1 EDB exploit
NA
CVE-2024-31273
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a up to and including 2.8.3.
NA
CVE-2023-25444
Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a up to and including 2.7.7.
NA
CVE-2022-47151
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a up to and in...
356
VMScore
CVE-2011-4817
The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configu...
Ibm Maximo Asset Management 6.2
Ibm Maximo Asset Management 7.5
Ibm Maximo Asset Management 7.1
Ibm Maximo Asset Management Essentials 7.5
Ibm Maximo Asset Management Essentials 6.2
Ibm Maximo Asset Management Essentials 7.1
Ibm Tivoli Asset Management For It 6.2
Ibm Tivoli Asset Management For It 7.1
Ibm Tivoli Asset Management For It 7.2
Ibm Trivoli Service Request Manager 7.1
Ibm Trivoli Service Request Manager 7.2
Ibm Maximo Service Desk 6.2
Ibm Tivoli Change And Configuration Management Database 6.2
Ibm Tivoli Change And Configuration Management Database 7.1
Ibm Tivoli Change And Configuration Management Database 7.2
NA
CVE-2023-23679
Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk: from n/a up to and including 2.7.7.
Jshelpdesk Jshelpdesk
668
VMScore
CVE-2005-4025
Help Desk Reloaded Free Help Desk does not remove or protect install.php once installation is complete, which allows remote malicious users to gain privileges via a direct request to install.php, then navigating to accountsetup.php and creating a new user.
NA
CVE-2023-37890
Missing Authorization vulnerability in WPOmnia KB Support – WordPress Help Desk and Knowledge Base allows Accessing Functionality Not Properly Constrained by ACLs. Users with a role as low as a subscriber can view other customers.This issue affects KB Support – WordPr...
Liquidweb Kb Support
320
VMScore
CVE-2021-35232
Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password has...
Solarwinds Webhelpdesk
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »