Help Desk
by Phd
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-6158 | 0.03 | — | 0.03 | Nov 28, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help Desk 2.4, formerly (b) InverseFlow Help Desk 2.31 and also sold as (c) Ace Helpdesk 2.31, allow remote attackers to inject arbitrary web script or HTML via the (1) id or email parameter to ticketview.php, or… | |||
| CVE-2023-1019 | 0.00 | — | 0.00 | May 15, 2023 | The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks. | |||
| CVE-2022-40325 | 0.00 | — | 0.00 | Sep 11, 2022 | SysAid Help Desk before 22.1.65 allows XSS via the Asset Dashboard, aka FR# 67262. | |||
| CVE-2022-40324 | 0.00 | — | 0.00 | Sep 11, 2022 | SysAid Help Desk before 22.1.65 allows XSS via the Linked SRs field, aka FR# 67258. | |||
| CVE-2022-40323 | 0.00 | — | 0.00 | Sep 11, 2022 | SysAid Help Desk before 22.1.65 allows XSS in the Password Services module, aka FR# 67241. | |||
| CVE-2022-40322 | 0.00 | — | 0.00 | Sep 11, 2022 | SysAid Help Desk before 22.1.65 allows XSS, aka FR# 66542 and 65579. | |||
| CVE-2007-4716 | 0.00 | — | 0.01 | Sep 5, 2007 | Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. |
- CVE-2006-6158Nov 28, 2006risk 0.03cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help Desk 2.4, formerly (b) InverseFlow Help Desk 2.31 and also sold as (c) Ace Helpdesk 2.31, allow remote attackers to inject arbitrary web script or HTML via the (1) id or email parameter to ticketview.php, or…
- CVE-2023-1019May 15, 2023risk 0.00cvss —epss 0.00
The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks.
- CVE-2022-40325Sep 11, 2022risk 0.00cvss —epss 0.00
SysAid Help Desk before 22.1.65 allows XSS via the Asset Dashboard, aka FR# 67262.
- CVE-2022-40324Sep 11, 2022risk 0.00cvss —epss 0.00
SysAid Help Desk before 22.1.65 allows XSS via the Linked SRs field, aka FR# 67258.
- CVE-2022-40323Sep 11, 2022risk 0.00cvss —epss 0.00
SysAid Help Desk before 22.1.65 allows XSS in the Password Services module, aka FR# 67241.
- CVE-2022-40322Sep 11, 2022risk 0.00cvss —epss 0.00
SysAid Help Desk before 22.1.65 allows XSS, aka FR# 66542 and 65579.
- CVE-2007-4716Sep 5, 2007risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.