VYPR

Web Help Desk

by Webhelpdesk

CVEs (27)

  • CVE-2019-16956Jan 4, 2021
    risk 0.00cvss epss 0.02

    SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket.

  • CVE-2019-16959Dec 21, 2020
    risk 0.00cvss epss 0.02

    SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket.

  • CVE-2019-16955Dec 18, 2020
    risk 0.00cvss epss 0.02

    SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request.

  • CVE-2019-16957Dec 18, 2020
    risk 0.00cvss epss 0.01

    SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account.

  • CVE-2019-16958Dec 1, 2020
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 12.7.0 allows attacker to inject arbitrary web script or HTML via Location Name.

  • CVE-2009-1261Apr 7, 2009
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Web Help Desk 9.1.22 (evaluation version) allow remote attackers to inject arbitrary web script or HTML via the (1) Report Name, (2) Asset No., and (3) Full Name fields in a Models action. NOTE: the provenance of this…

  • CVE-2009-0303Jan 27, 2009
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to inject arbitrary web script or HTML via vectors related to "encoded JavaScript" and Helpdesk.woa.

Page 2 of 2