21 matches found
CVE-2026-23758
GFI HelpDesk prior to 4.99.9 is affected by a stored XSS in the ticket subject via the editsubject POST parameter. The issue arises from insufficient sanitization in Controller_Ticket.EditSubmit(), which bypasses the incomplete SanitizeForXSS() method, permitting an authenticated staff member to ...
GFI HelpDesk Security Vulnerability
GFI HelpDesk is an open-source service request and ticket management system for enterprise IT support processes developed by GFI. Versions of GFI HelpDesk prior to 4.99.9 contained security vulnerabilities. These vulnerabilities stemmed from insufficient cleaning of the charset POST parameter in...
EUVD-2021-14740
Malware in sbrugna...
EUVD-2005-3005
Malware in sbrugna...
I-net Software HelpDesk Trust Management Issue Vulnerability
I-net Software HelpDesk is a suite of service management helpdesk software from I-net Software, Germany. A trust management issue vulnerability exists in I-net Software HelpDesk versions prior to 3.3.3 that stems from improper certificate validation, which could allow a remote attacker to...
CVE-2023-42231
Pat Infinite Solutions HelpdeskAdvanced
Track-It! Authorization Issue Vulnerability
BMC Software Track-It! is IT helpdesk software from BMC Software, USA, for helpdesks and service desks with asset management. A security vulnerability exists in BMC Track-It! that stems from a lack of authentication before allowing access to features. An attacker could exploit this vulnerabili...
CVE-2021-28022
Blind SQL injection in the login form in ServiceTonic Helpdesk software 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries...
Design/Logic Flaw
Unauthorized system access in the login form in ServiceTonic Helpdesk software version 9.0.35937 allows attacker to login without using a password...
CVE-2021-28022
Blind SQL injection in the login form in ServiceTonic Helpdesk software 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries...
Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability
Zoho ManageEngine ServiceDesk Plus (SDP) is a web-based IT helpdesk software with integrated asset and project management capabilities, based on the ITIL framework. An authentication bypass vulnerability exists in Zoho ManageEngine ServiceDesk Plus prior to version 11134 during SAML login. No detai...
UBUNTU-CVE-2020-11033
In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All apitokens which can be used to do privileges escalations or read/update/delete data normally non...
Deskpro has an unspecified vulnerability
Deskpro is a helpdesk software solution that helps companies manage communication with their customers and user base across multiple channels. A security vulnerability exists in Deskpro, which can be exploited by an attacker to abuse accessible variables in the context of code to implement native...
CVE-2005-3005
Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie...
CVE-2005-3005
The CVE-2005-3005 issue affects Helpdesk Software Hesk: an authentication bypass via manipulation of the PHPSESSID value (session ID) in admin.php and admin_main.php. Attackers can bypass login remotely by altering the session ID cookie/parameter to gain access without valid credentials; affected...
CVE-2005-3005
Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie...
CVE-2005-2843
Helpdesk software Hesk 0.92 does not properly verify usernames and passwords, which allows remote attackers to bypass authentication via a direct request to admin_main.php...
CVE-2005-2843
Helpdesk software Hesk 0.92 does not properly verify usernames and passwords, which allows remote attackers to bypass authentication via a direct request to admin_main.php...
CVE-2005-2843
CVE-2005-2843 affects the Helpdesk software Hesk 0.92. The issue is an authentication bypass where remote attackers can bypass login by sending a direct request to admin_main.php. The vulnerability enables partial confidentiality, integrity, and availability impact as per the CVSS data (network...
Vulnerability in Helpdesk software Hesk 0.92
By The Name Of Allah. Vulnerability in Helpdesk software Hesk. Vulnerability Type: Login into The Administrator Menu Without Password. Injected version: Helpdesk software Hesk 0.92. Vulnerability Example: http://www.springporttwppd.com/helpdesk/ add: admin.php...