VYPR
Vendor

Zen Help Desk Software

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2009-2604Jul 27, 2009
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help Desk 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) userid (aka username) and (2) PassWord parameters to admin.asp.

  • CVE-2007-3146Jun 11, 2007
    risk 0.00cvss epss 0.01

    Zen Help Desk 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for ZenHelpDesk.mdb.