VYPR

Facil Helpdesk

by Cromosoft

CVEs (2)

  • CVE-2009-4544Jan 4, 2010
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

  • CVE-2009-4543Jan 4, 2010
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to execute arbitrary PHP code via a URL in the lng parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. (dot…