HelpdeskAdvanced

CVEs (10)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2023-42226	Pat Infinite Solutions HelpdeskAdvanced	—	0.01	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via Email/SaveAttachment function.
CVE-2023-42225	Pat Infinite Solutions HelpdeskAdvanced	—	0.01	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Attachment/DownloadTempFile function.
CVE-2023-42233	Pat Infinite Solutions HelpdeskAdvanced	—	0.00	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the Filter/FilterEditor function.
CVE-2023-42228	Pat Infinite Solutions HelpdeskAdvanced	—	0.00	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a request to the "AclList/SaveAclRules" administrative function.
CVE-2023-42227	Pat Infinite Solutions HelpdeskAdvanced	—	0.01	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the WSCView/Save function.
CVE-2023-42234	Pat Infinite Solutions HelpdeskAdvanced	—	0.00	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Request Forgery (CSRF) via the WSCView function.
CVE-2023-42231	Pat Infinite Solutions HelpdeskAdvanced	—	0.00	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can delete admin users by sending a request to the "WSCView/Delete" function.
CVE-2023-42229	Pat Infinite Solutions HelpdeskAdvanced	—	0.01	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal. Arbitrary files can be created on the system via authenticated SOAP requests to the WSConnector service.
CVE-2023-42230	Pat Infinite Solutions HelpdeskAdvanced	—	0.00	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the WSCView/Save function.
CVE-2023-42232	Pat Infinite Solutions HelpdeskAdvanced	—	0.01	Jan 13, 2025	Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Navigator/Index function.

CVE-2023-42226Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.01
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via Email/SaveAttachment function.
CVE-2023-42225Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.01
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Attachment/DownloadTempFile function.
CVE-2023-42233Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.00
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the Filter/FilterEditor function.
CVE-2023-42228Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.00
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a request to the "AclList/SaveAclRules" administrative function.
CVE-2023-42227Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.01
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the WSCView/Save function.
CVE-2023-42234Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.00
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Request Forgery (CSRF) via the WSCView function.
CVE-2023-42231Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.00
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can delete admin users by sending a request to the "WSCView/Delete" function.
CVE-2023-42229Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.01
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal. Arbitrary files can be created on the system via authenticated SOAP requests to the WSConnector service.
CVE-2023-42230Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.00
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the WSCView/Save function.
CVE-2023-42232Jan 13, 2025
Pat Infinite Solutions
HelpdeskAdvanced
risk 0.00cvss —epss 0.01
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Navigator/Index function.