Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
help desk vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-46839
Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a up to and including 2.7.1.
Wiselyhub Js Help Desk
9.8
CVSSv3
CVE-2023-50839
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a up to and in...
Wiselyhub Js Help Desk
9.8
CVSSv3
CVE-2021-33352
An issue in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows malicious user to execute arbitrary code via a phar file upload in the ticket message field.
Wyomind Help Desk
9.8
CVSSv3
CVE-2021-33353
Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows malicious user to execute arbitrary code via the file attachment directory setting.
Wyomind Help Desk
9.8
CVSSv3
CVE-2021-24741
The Support Board WordPress plugin prior to 3.3.4 does not escape multiple POST parameters (such as status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id) before using them in SQL statements, leading to SQL injections which are exploitable ...
Schiocco Support Board - Chat And Help Desk
1 Github repository
9.8
CVSSv3
CVE-2017-11346
Zoho ManageEngine Desktop Central before build 100092 allows remote malicious users to execute arbitrary code via vectors involving the upload of help desk videos.
Zohocorp Manageengine Desktop Central
1 EDB exploit
9.8
CVSSv3
CVE-2016-5048
SQL injection vulnerability in chat/staff/default.aspx in ReadyDesk 9.1 allows remote malicious users to execute arbitrary SQL commands via the user name field.
Readydesk Readydesk 9.1
9.8
CVSSv3
CVE-2016-5050
Unrestricted file upload vulnerability in chat/sendfile.aspx in ReadyDesk 9.1 allows remote malicious users to execute arbitrary code by uploading and requesting a .aspx file.
Readydesk Readydesk 9.1
9
CVSSv3
CVE-2021-33351
Cross Site Scripting Vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before and fixed in v.1.3.7 allows malicious users to escalte privileges via a crafted payload in the ticket message field.
Wyomind Help Desk
8.8
CVSSv3
CVE-2021-43609
An issue exists in Spiceworks Help Desk Server prior to 1.3.3. A Blind Boolean SQL injection vulnerability within the order_by_for_ticket function in app/models/reporting/database_query.rb allows an authenticated malicious user to execute arbitrary SQL commands via the sort param...
Spiceworks Help Desk Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »