Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
help desk vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2019-16955
SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request.
Solarwinds Webhelpdesk 12.7.0
312
VMScore
CVE-2019-16957
SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account.
Solarwinds Webhelpdesk 12.7.0
356
VMScore
CVE-2019-16959
SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket.
Solarwinds Webhelpdesk 12.7.0
801
VMScore
CVE-2012-0366
Cisco Unity Connection prior to 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.
Cisco Unity Connection 7.1\\(3a\\)su1
Cisco Unity Connection 7.1\\(3a\\)su1a
Cisco Unity Connection 7.1\\(5\\)
Cisco Unity Connection 7.1\\(5a\\)
Cisco Unity Connection 7.1\\(5b\\)
Cisco Unity Connection 2.1\\(3\\)
Cisco Unity Connection 2.1\\(4\\)
Cisco Unity Connection 2.1\\(5\\)
Cisco Unity Connection 2.1\\(4a\\)
Cisco Unity Connection 1.1\\(1\\)
Cisco Unity Connection 1.1\\(1\\) Es1
Cisco Unity Connection 1.1\\(1\\) Es12
Cisco Unity Connection 1.1\\(1\\) Sr1
Cisco Unity Connection 7.1\\(2\\)
Cisco Unity Connection 7.1\\(2b\\)
Cisco Unity Connection 7.1\\(2b\\)su1
Cisco Unity Connection 7.1\\(2a\\)
Cisco Unity Connection 7.0
Cisco Unity Connection 7.0\\(2\\)
Cisco Unity Connection 7.0\\(2a\\)su2
Cisco Unity Connection 7.0\\(2a\\)su3
Cisco Unity Connection 2.1\\(3b\\)su1
435
VMScore
CVE-2018-15608
Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen.
Manageengine Admanager Plus 6.5.7
1 EDB exploit
383
VMScore
CVE-2021-29267
Sherlock SherlockIM through 2021-03-29 allows Cross Site Scripting (XSS) by leveraging the api/Files/Attachment URI to attack help-desk staff via the chatbot feature.
Sherlockim Sherlockim
1 Github repository
755
VMScore
CVE-2017-11346
Zoho ManageEngine Desktop Central before build 100092 allows remote malicious users to execute arbitrary code via vectors involving the upload of help desk videos.
Zohocorp Manageengine Desktop Central
1 EDB exploit
NA
CVE-2023-39912
Zoho ManageEngine ADManager Plus prior to 7203 allows Help Desk Technician users to read arbitrary files on the machine where this product is installed.
Zohocorp Manageengine Admanager Plus
802
VMScore
CVE-2022-22798
Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22.1.30 b49 - An attacker needs to log in as a guest after that the system redirects him to the service portal or EndUserPortal.JSP, then he needs to change the path in the URL to...
Sysaid Sysaid
578
VMScore
CVE-2018-0322
A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote malicious user to modify sensitive data that is associated with arbitrary accounts on an affected device. The vulnerability is due to a failure to ...
Cisco Prime Collaboration
Cisco Prime Collaboration Provisioning
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »