VYPR

Helpdesk

by Viart

CVEs (7)

  • CVE-2007-6347Dec 13, 2007
    risk 0.04cvss epss 0.07

    PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some of…

  • CVE-2009-4548Jan 4, 2010
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk 3.x allow remote attackers to inject arbitrary web script or HTML via the category_id parameter to (1) products.php, (2) article.php, (3) product_details.php, or (4) reviews.php; the (5) forum_id parameter to…

  • CVE-2021-28024Nov 8, 2021
    risk 0.00cvss epss 0.01

    Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password.

  • CVE-2021-28022Nov 8, 2021
    risk 0.00cvss epss 0.01

    Blind SQL injection in the login form in ServiceTonic Helpdesk software < 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries.

  • CVE-2020-2500Jul 1, 2020
    risk 0.00cvss epss 0.01

    This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. Attackers can access the sensitive data on QNAP Kayako server with API keys. We have replaced the API key to mitigate the vulnerability, and already fixed the issue in…

  • CVE-2020-11431May 7, 2020
    risk 0.00cvss epss 0.02

    The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal.

  • CVE-2018-0728Dec 4, 2019
    risk 0.00cvss epss 0.01

    This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions.