VYPR
High severity8.8NVD Advisory· Published Sep 5, 2017· Updated Jun 17, 2026

CVE-2017-14146

CVE-2017-14146

Description

HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory.

Affected products

2
  • Helpdezk/Helpdezk2 versions
    cpe:2.3:a:helpdezk:helpdezk:1.1.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:helpdezk:helpdezk:1.1.1:*:*:*:*:*:*:*
    • (no CPE)range: =1.1.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.