Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2023-3038

Disclosure Date: October 04, 2023 (last updated February 25, 2025)
SQL injection vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the rows parameter of the jsonGrid route and extract all the information stored in the application.
Attacker Value
Unknown

CVE-2023-3037

Disclosure Date: October 04, 2023 (last updated February 25, 2025)
Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to access the platform without authentication and retrieve personal data via the jsonGrid parameter.
Attacker Value
Unknown

CVE-2017-14146

Disclosure Date: September 05, 2017 (last updated November 26, 2024)
HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory.
0
Attacker Value
Unknown

CVE-2017-14145

Disclosure Date: September 05, 2017 (last updated November 26, 2024)
HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATH_INFO, related to the selectWarning function.
0
Attacker Value
Unknown

CVE-2017-7447

Disclosure Date: April 05, 2017 (last updated November 26, 2024)
HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code.
0
Attacker Value
Unknown

CVE-2017-7446

Disclosure Date: April 05, 2017 (last updated November 26, 2024)
HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges.
0