Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
helpdesk software vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-3005
Helpdesk Software Hesk allows remote malicious users to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie.
Helpdesk Software Hesk 0.92
Helpdesk Software Hesk 0.93
1 EDB exploit
7.5
CVSSv2
CVE-2005-2843
Helpdesk software Hesk 0.92 does not properly verify usernames and passwords, which allows remote malicious users to bypass authentication via a direct request to admin_main.php.
Helpdesk Software Hesk 0.92
5
CVSSv2
CVE-2004-2736
Polar HelpDesk 3.0 allows remote malicious users to bypass authentication by setting the UserId and UserType values in a cookie.
Polar Software Helpdesk 3.0
1 EDB exploit
6.5
CVSSv2
CVE-2021-28814
An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote malicious users to compromise the security of the software. This issue affects: QNAP Systems Inc. Helpdesk versions before 3.0.4.
Qnap Helpdesk
7.5
CVSSv2
CVE-2020-2506
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow malicious users to compromise the security of the software by gaining privileges, or reading sensitive information. This issue affects: QNA...
Qnap Helpdesk
10
CVSSv2
CVE-2011-0354
The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote malicious users to obtain access via an unspecified login method.
Cisco Tandberg Endpoint
Cisco Tandberg Endpoint Tc3.1.2
Cisco Tandberg Endpoint Tc3.1.1
Cisco Tandberg Endpoint Tc2.1.2
Cisco Tandberg Endpoint Tc3.1.0
Cisco Tandberg Endpoint Tc3.0.0
Cisco Tandberg Endpoint C90
Cisco Tandberg Endpoint C60
Cisco Tandberg Endpoint C40
Cisco Tandberg Endpoint C20
Cisco Tandberg Personal Video Unit Software Tc3.1.0
Cisco Tandberg Personal Video Unit Software Tc3.1.2
Cisco Tandberg Personal Video Unit Software Tc3.1.1
Cisco Tandberg Personal Video Unit Software
Cisco Tandberg Personal Video Unit Ex90
Cisco Tandberg Personal Video Unit Software Te2.2.0
Cisco Tandberg Personal Video Unit Software Te1.0.1
Cisco Tandberg Personal Video Unit E20
Cisco Tandberg Personal Video Unit Ex60
1 EDB exploit
7.5
CVSSv2
CVE-2021-28024
Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows malicious user to login without using a password.
Servicetonic Servicetonic
5
CVSSv2
CVE-2021-28022
Blind SQL injection in the login form in ServiceTonic Helpdesk software < 9.0.35937 allows malicious user to exfiltrate information via specially crafted HQL-compatible time-based SQL queries.
Servicetonic Servicetonic
7.5
CVSSv2
CVE-2021-28023
Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths.
Servicetonic Servicetonic
10
CVSSv2
CVE-2016-2345
Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote malicious users to execute arbitrary code via a crafted string.
Dameware Mini Remote Control 12.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started