Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
help desk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-50839
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a up to and in...
Wiselyhub Js Help Desk
NA
CVE-2023-37890
Missing Authorization vulnerability in WPOmnia KB Support – WordPress Help Desk and Knowledge Base allows Accessing Functionality Not Properly Constrained by ACLs. Users with a role as low as a subscriber can view other customers.This issue affects KB Support – WordPr...
Liquidweb Kb Support
NA
CVE-2021-43609
An issue exists in Spiceworks Help Desk Server prior to 1.3.3. A Blind Boolean SQL injection vulnerability within the order_by_for_ticket function in app/models/reporting/database_query.rb allows an authenticated malicious user to execute arbitrary SQL commands via the sort param...
Spiceworks Help Desk Server
NA
CVE-2023-39912
Zoho ManageEngine ADManager Plus prior to 7203 allows Help Desk Technician users to read arbitrary files on the machine where this product is installed.
Zohocorp Manageengine Admanager Plus
NA
CVE-2023-23679
Authorization Bypass Through User-Controlled Key vulnerability in JS Help Desk js-support-ticket allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk: from n/a up to and including 2.7.7.
Jshelpdesk Jshelpdesk
NA
CVE-2023-1019
The Help Desk WP WordPress plugin up to and including 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks.
Help Desk Wp Project Help Desk Wp
NA
CVE-2023-1125
The Ruby Help Desk WordPress plugin prior to 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an malicious user to close and/or add files and replies to tickets other than their own.
Wpruby Ruby Help Desk
NA
CVE-2021-33352
An issue in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows malicious user to execute arbitrary code via a phar file upload in the ticket message field.
Wyomind Help Desk
NA
CVE-2021-33351
Cross Site Scripting Vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before and fixed in v.1.3.7 allows malicious users to escalte privileges via a crafted payload in the ticket message field.
Wyomind Help Desk
NA
CVE-2021-33353
Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows malicious user to execute arbitrary code via the file attachment directory setting.
Wyomind Help Desk
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6280
CVE-2024-5346
CVE-2024-30078
CVE-2022-45803
CVE-2024-36886
SQL
CVE-2024-24553
IMAP
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »