35 matches found
CVE-2023-25350
Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. When the user logs in through the login box, he has no judgment on the validity of the user's input data. The parameters passed from the front end to the back end are controllable, which will lead to SQL injection...
EUVD-2023-29308
Malicious code in bioql PyPI...
EUVD-2023-23947
Malicious code in bioql PyPI...
CVE-2024-46482
An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file...
CVE-2024-51377
An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk On-Premise and Cloud 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields...
CVE-2024-51377
An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk On-Premise and Cloud 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields...
CVE-2024-51377
An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk On-Premise and Cloud 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields...
PT-2024-34613 · Ladybird Web Solution · Ladybird Web Solution Faveo Helpdesk & Servicedesk
Name of the Vulnerable Software and Affected Versions: Ladybird Web Solution Faveo Helpdesk & Servicedesk On-Premise and Cloud version 9.2.0 Description: An issue in the software allows a remote attacker to execute arbitrary code via the Subject and Identifier fields. This enables the attacker to...
CVE-2024-51377
CVE-2024-51377 affects Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) v9.2.0. The issue allows a remote attacker to execute arbitrary code via the Subject and Identifier fields. In the connected sources, the vulnerability is documented across multiple feeds (including R...
CVE-2024-51377
An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk On-Premise and Cloud 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields...
Faveo Helpdesk 安全漏洞
Faveo Helpdesk is an open source ticketing system built on the Laravel framework by Ladybird Web Solution. Provides organizations with an automated helpdesk system to manage customer support. A security vulnerability exists in Faveo Helpdesk version 9.2.0 that originates from a remote attacker wh...
CVE-2024-46482
An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file...
CVE-2024-46482
An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file...
Faveo Helpdesk 安全漏洞
Faveo Helpdesk is an open source ticketing system built by Faveo based on Laravel framework. A security vulnerability exists in Faveo Helpdesk v2.0.3, which stems from an arbitrary file upload issue in the Ticket Generation feature...
CVE-2024-46482
An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file...
CVE-2023-1724
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS...
CVE-2023-1724
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS...
Cross site scripting
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS...
CVE-2023-1724
CVE-2023-1724 affects Faveo Helpdesk Enterprise 6.0.1. The vulnerability is a stored XSS in the application that enables privilege escalation for an attacker possessing agent permissions. Documented impact states that an agent with privileges can escalate within the app; no public exploitation de...
CVE-2023-1724 Faveo Helpdesk Enterprise 6.0.1 - Privilege Escalation via Stored XSS
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS...