Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
help desk vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-4827
Multiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 2008, TSC2 Help Desk 4.1.8, ...
Sap Sap Gui 6.40
Sap Sap Gui 7.10
Servantix Tsc2 Help Desk 4.18
Sap Tabone 7.0.0.16
Componentone Sizerone 8.0.20081.140
9
CVSSv2
CVE-2022-22798
Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22.1.30 b49 - An attacker needs to log in as a guest after that the system redirects him to the service portal or EndUserPortal.JSP, then he needs to change the path in the URL to...
Sysaid Sysaid
9
CVSSv2
CVE-2013-3578
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution...
Wave Embassy Remote Administration Server -
Wave Embassy Remote Administration Server Help Desk -
9
CVSSv2
CVE-2012-0366
Cisco Unity Connection prior to 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.
Cisco Unity Connection 7.1\\(3a\\)su1
Cisco Unity Connection 7.1\\(3a\\)su1a
Cisco Unity Connection 7.1\\(5\\)
Cisco Unity Connection 7.1\\(5a\\)
Cisco Unity Connection 7.1\\(5b\\)
Cisco Unity Connection 2.1\\(3\\)
Cisco Unity Connection 2.1\\(4\\)
Cisco Unity Connection 2.1\\(5\\)
Cisco Unity Connection 2.1\\(4a\\)
Cisco Unity Connection 1.1\\(1\\)
Cisco Unity Connection 1.1\\(1\\) Es1
Cisco Unity Connection 1.1\\(1\\) Es12
Cisco Unity Connection 1.1\\(1\\) Sr1
Cisco Unity Connection 7.1\\(2\\)
Cisco Unity Connection 7.1\\(2b\\)
Cisco Unity Connection 7.1\\(2b\\)su1
Cisco Unity Connection 7.1\\(2a\\)
Cisco Unity Connection 7.0
Cisco Unity Connection 7.0\\(2\\)
Cisco Unity Connection 7.0\\(2a\\)su2
Cisco Unity Connection 7.0\\(2a\\)su3
Cisco Unity Connection 2.1\\(3b\\)su1
8.5
CVSSv2
CVE-2015-2996
Multiple directory traversal vulnerabilities in SysAid Help Desk prior to 15.2 allow remote malicious users to (1) read arbitrary files via a .. (dot dot) in the fileName parameter to getGfiUpgradeFile or (2) cause a denial of service (CPU and memory consumption) via a .. (dot do...
Sysaid Sysaid
1 EDB exploit
2 Metasploit modules
7.8
CVSSv2
CVE-2015-3000
SysAid Help Desk prior to 15.2 allows remote malicious users to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an XML document to (1) /agententry, (2) /rdsmonitoringresponse, or (3) /androidactions, aka an XML Entity Expan...
Sysaid Sysaid
1 EDB exploit
7.5
CVSSv2
CVE-2021-24741
The Support Board WordPress plugin prior to 3.3.4 does not escape multiple POST parameters (such as status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id) before using them in SQL statements, leading to SQL injections which are exploitable ...
Schiocco Support Board - Chat And Help Desk
1 Github repository
7.5
CVSSv2
CVE-2017-11346
Zoho ManageEngine Desktop Central before build 100092 allows remote malicious users to execute arbitrary code via vectors involving the upload of help desk videos.
Zohocorp Manageengine Desktop Central
1 EDB exploit
7.5
CVSSv2
CVE-2016-5048
SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote malicious users to execute arbitrary SQL commands via the user name field.
Readydesk Readydesk 9.1
7.5
CVSSv2
CVE-2016-5050
Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote malicious users to execute arbitrary code by uploading and requesting a .aspx file.
Readydesk Readydesk 9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »