Show filters
83 Total Results
Displaying 41-50 of 83
Sort by:
Attacker Value
Unknown

CVE-2015-4075

Disclosure Date: September 20, 2017 (last updated November 26, 2024)
The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2015-4071

Disclosure Date: August 18, 2017 (last updated November 26, 2024)
The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://{target}/component/helpdeskpro/?view=ticket&id={ticketId}.
0
0
Attacker Value
Unknown

CVE-2017-7571

Disclosure Date: April 06, 2017 (last updated November 26, 2024)
public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2013-7191

Disclosure Date: December 21, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Tenmiles Helpdesk Pilot allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI for a ticket.
0
0
Attacker Value
Unknown

CVE-2010-2907

Disclosure Date: July 28, 2010 (last updated October 04, 2023)
SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid[0] parameter in a detail action to index.php.
0
0
Attacker Value
Unknown

CVE-2009-4544

Disclosure Date: January 04, 2010 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
0
0
Attacker Value
Unknown

CVE-2009-4543

Disclosure Date: January 04, 2010 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to execute arbitrary PHP code via a URL in the lng parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences.
0
0
Attacker Value
Unknown

CVE-2009-4548

Disclosure Date: January 04, 2010 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk 3.x allow remote attackers to inject arbitrary web script or HTML via the category_id parameter to (1) products.php, (2) article.php, (3) product_details.php, or (4) reviews.php; the (5) forum_id parameter to forum.php; or the (6) search_category_id parameter to products_search.php.
0
0
Attacker Value
Unknown

CVE-2009-0886

Disclosure Date: March 12, 2009 (last updated October 04, 2023)
Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the default_language parameter.
0
0
Attacker Value
Unknown

CVE-2008-6440

Disclosure Date: March 06, 2009 (last updated October 04, 2023)
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.
0
0
View More Topics  < Previous  Next >