Lucene search
K

69 matches found

Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.9 views

PT-2023-22666 · Unknown · Helpdezk Community

Name of the Vulnerable Software and Affected Versions: HelpDezk Community version 1.1.10 Description: The issue is related to a SQL injection vulnerability that could allow a remote attacker to send a specially crafted SQL query to the rows parameter of the "jsonGrid route" and extract all the...

9.8CVSS7.5AI score0.00605EPSS
Exploits0References6
NVD
NVD
added 2020/01/03 8:15 p.m.15 views

CVE-2014-8337

Unrestricted file upload vulnerability in includes/classes/uploadify-v2.1.4/uploadify.php in HelpDEZk 1.0.1 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified...

9.8CVSS9.7AI score0.04798EPSS
Exploits4References2
Prion
Prion
added 2020/01/03 8:15 p.m.16 views

Unrestricted file upload

Unrestricted file upload vulnerability in includes/classes/uploadify-v2.1.4/uploadify.php in HelpDEZk 1.0.1 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the directory specified...

7.5CVSS8.1AI score0.04798EPSS
Exploits4References2Affected Software1
CVE
CVE
added 2020/01/03 8:0 p.m.161 views

CVE-2014-8337

CVE-2014-8337 affects HelpDEZk 1.0.1 and earlier due to an unrestricted upload of files with dangerous extensions in /includes/classes/uploadify-v2.1.4/uploadify.php . The vulnerability arises from lack of validation of file extensions, enabling a remote attacker to upload arbitrary files and the...

9.8CVSS9.6AI score0.04798EPSS
Exploits4References2Affected Software1
exploitpack
exploitpack
added 2018/11/16 12:0 a.m.40 views

Helpdezk 1.1.1 - Arbitrary File Upload

Helpdezk 1.1.1 - Arbitrary File Upload Exploit Title: Helpdezk 1.1.1 - Arbitrary File Upload Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.283 views

Helpdezk 1.1.1 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Helpdezk 1.1.1 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category:...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/16 12:0 a.m.491 views

Helpdezk 1.1.1 Shell Upload

Exploit Title: Helpdezk 1.1.1 - Arbitrary File Upload Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category: Webapps Tested on:...

Exploits0
Exploit DB
Exploit DB
added 2018/11/16 12:0 a.m.29 views

Helpdezk 1.1.1 - Arbitrary File Upload

Exploit Title: Helpdezk 1.1.1 - Arbitrary File Upload Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category: Webapps Tested on:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/15 12:0 a.m.277 views

Helpdezk 1.1.1 SQL Injection

Exploit Title: Helpdezk 1.1.1 - 'query' SQL Injection Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category: Webapps Tested on:...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.279 views

Helpdezk 1.1.1 - query SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Helpdezk 1.1.1 - 'query' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category:...

0.4AI score
Exploits0
CNVD
CNVD
added 2017/09/06 12:0 a.m.6 views

HelpDEZk File Upload Vulnerability

HelpDEZk is a suite of PHP-based software for managing requests and events. The software manages workflow, logging process and maintenance history through a shared service center. A file upload vulnerability exists in HelpDEZk version 1.1.1. A remote attacker can exploit this vulnerability by...

8.8CVSS9.1AI score0.01321EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/06 12:0 a.m.5 views

HelpDEZk SQL Injection Vulnerability

HelpDEZk is a suite of PHP-based software for managing requests and events. The software manages workflow, logging process and maintenance history through a shared service center. A SQL injection vulnerability exists in the app\modules\admin\controllers\loginController.php file in HelpDEZk versio...

9.8CVSS9.8AI score0.01161EPSS
Exploits1References1
NVD
NVD
added 2017/09/05 7:29 a.m.14 views

CVE-2017-14145

HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATHINFO, related to the selectWarning function...

9.8CVSS9.9AI score0.01161EPSS
Exploits1References1
NVD
NVD
added 2017/09/05 7:29 a.m.21 views

CVE-2017-14146

HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory...

8.8CVSS8.7AI score0.01321EPSS
Exploits0References1
Prion
Prion
added 2017/09/05 7:29 a.m.13 views

Directory traversal

HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory...

6.5CVSS8.7AI score0.01321EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/09/05 7:29 a.m.10 views

CVE-2017-14145

HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATHINFO, related to the selectWarning function...

9.8CVSS8.1AI score
Exploits0References1
OSV
OSV
added 2017/09/05 7:29 a.m.14 views

CVE-2017-14146

HelpDEZk 1.1.1 allows remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it in the helpdezk\app\uploads\helpdezk\attachments\ directory...

8.8CVSS7.5AI score
Exploits0References1
Prion
Prion
added 2017/09/05 7:29 a.m.12 views

Sql injection

HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATHINFO, related to the selectWarning function...

7.5CVSS9.8AI score0.01161EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/09/05 7:0 a.m.51 views

CVE-2017-14145

HelpDEZk 1.1.1 has a SQL Injection vulnerability in app/modules/admin/controllers/loginController.php via the admin/login/getWarningInfo/id/ PATH_INFO, related to the selectWarning function. The initial records (CVE-2017-14145) enumerate high-severity impact (C/P/I/A partial) with CVSS2/3 scores ...

9.8CVSS9.8AI score0.01161EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/09/05 7:0 a.m.18 views

CVE-2017-14145

HelpDEZk 1.1.1 has SQL Injection in app\modules\admin\controllers\loginController.php via the admin/login/getWarningInfo/id/ PATHINFO, related to the selectWarning function...

9.9AI score0.01161EPSS
Exploits1References1
Rows per page
Query Builder