Lucene search
K

69 matches found

CVE
CVE
added 2017/09/05 7:0 a.m.51 views

CVE-2017-14145

HelpDEZk 1.1.1 has a SQL Injection vulnerability in app/modules/admin/controllers/loginController.php via the admin/login/getWarningInfo/id/ PATH_INFO, related to the selectWarning function. The initial records (CVE-2017-14145) enumerate high-severity impact (C/P/I/A partial) with CVSS2/3 scores ...

9.8CVSS9.8AI score0.01161EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2017/09/05 7:0 a.m.53 views

CVE-2017-14146

CVE-2017-14146 affects HelpDEZk 1.1.1 and enables remote authenticated users to execute arbitrary PHP code by uploading a .php attachment and then requesting it from the helpdezk\app\uploads\helpdezk\attachments\ directory. The available sources confirm this file-upload vulnerability and PHP code...

8.8CVSS8.7AI score0.01321EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/04/10 12:0 a.m.6 views

HelpDEZk Cross-Site Request Forgery Vulnerability

HelpDEZk is a suite of PHP-based software for managing requests, events. A cross-site request forgery vulnerability exists in admin/home/person/ in HelpDEZk. It allows remote attackers to construct malicious URIs and trick users into parsing them, which can be used to perform malicious actions an...

8.8CVSS8.8AI score0.03091EPSS
Exploits5References1
CNVD
CNVD
added 2017/04/10 12:0 a.m.4 views

HelpDEZk Cross-Site Request Forgery Vulnerability (CNVD-2017-04611)

HelpDEZk is a suite of PHP-based software for managing requests, events. A cross-site request forgery vulnerability exists in admin/home/logos/ in HelpDEZk. Allows a remote attacker to construct a malicious URI and trick a user into parsing it, which could perform a malicious action in the contex...

8.8CVSS8.6AI score0.03487EPSS
Exploits5References1
0day.today
0day.today
added 2017/04/06 12:0 a.m.59 views

HelpDEZK 1.1.1 - Cross-Site Request Forgery / Code Execution Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Multiple CSRF Remote Code Execution Vulnerability on HelpDEZK 1.1.1 Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor Homepage: http://www.helpdezk.org/ Software Link:...

6.8CVSS0.1AI score0.03487EPSS
Exploits6
NVD
NVD
added 2017/04/05 10:59 p.m.16 views

CVE-2017-7447

HelpDEZk 1.1.1 has CSRF in admin/home/logos/ with an impact of remote execution of arbitrary PHP code...

8.8CVSS8.9AI score0.03487EPSS
Exploits5References4
OSV
OSV
added 2017/04/05 10:59 p.m.15 views

CVE-2017-7446

HelpDEZk 1.1.1 has CSRF in admin/home/person/ with an impact of obtaining admin privileges...

8.8CVSS6.9AI score
Exploits0References4
OSV
OSV
added 2017/04/05 10:59 p.m.16 views

CVE-2017-7447

HelpDEZk 1.1.1 has CSRF in admin/home/logos/ with an impact of remote execution of arbitrary PHP code...

8.8CVSS7.3AI score
Exploits0References4
NVD
NVD
added 2017/04/05 10:59 p.m.12 views

CVE-2017-7446

HelpDEZk 1.1.1 has CSRF in admin/home/person/ with an impact of obtaining admin privileges...

8.8CVSS8.8AI score0.03091EPSS
Exploits5References4
Prion
Prion
added 2017/04/05 10:59 p.m.15 views

Cross site request forgery (csrf)

HelpDEZk 1.1.1 has CSRF in admin/home/person/ with an impact of obtaining admin privileges...

6.8CVSS8.7AI score0.03091EPSS
Exploits5References4Affected Software1
Prion
Prion
added 2017/04/05 10:59 p.m.19 views

Code injection

HelpDEZk 1.1.1 has CSRF in admin/home/logos/ with an impact of remote execution of arbitrary PHP code...

6.8CVSS8.9AI score0.03487EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2017/04/05 10:0 p.m.19 views

CVE-2017-7446

HelpDEZk 1.1.1 has CSRF in admin/home/person/ with an impact of obtaining admin privileges...

8.8AI score0.03091EPSS
Exploits5References4
CVE
CVE
added 2017/04/05 10:0 p.m.66 views

CVE-2017-7447

CVE-2017-7447 affects HelpDEZk 1.1.1, with CSRF in the admin path (admin/home#/logos/) that can lead to remote execution of arbitrary PHP code. The vulnerability is documented across multiple sources (NVD/NVD-linked records, CNVD, CVE listings, and exploitation records), and exploit references in...

8.8CVSS8.8AI score0.03487EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2017/04/05 10:0 p.m.20 views

CVE-2017-7447

HelpDEZk 1.1.1 has CSRF in admin/home/logos/ with an impact of remote execution of arbitrary PHP code...

8.9AI score0.03487EPSS
Exploits5References4
CVE
CVE
added 2017/04/05 10:0 p.m.64 views

CVE-2017-7446

HelpDEZk 1.1.1 is affected by a Cross-Site Request Forgery vulnerability in admin/home#/person/ that can lead to admin privileges. The CVE entry, confirmed across multiple sources, notes CSRF as the root cause in HelpDEZk’s web interface, with public exploit coverage (Exploit-DB, PacketStorm) ind...

8.8CVSS8.7AI score0.03091EPSS
Exploits5References4Affected Software1
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.44 views

HelpDEZK 1.1.1 - Cross-Site Request Forgery Code Execution

HelpDEZK 1.1.1 - Cross-Site Request Forgery Code Execution Exploit Title: Multiple CSRF Remote Code Execution Vulnerability on HelpDEZK 1.1.1 Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor Homepage: http://www.helpdezk.org/ Software...

6.8CVSS0.5AI score0.03487EPSS
Exploits6
Packet Storm
Packet Storm
added 2017/04/05 12:0 a.m.64 views

HelpDEZK 1.1.1 CSRF / Code Execution

Exploit Title: Multiple CSRF Remote Code Execution Vulnerability on HelpDEZK 1.1.1 Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor Homepage: http://www.helpdezk.org/ Software Link: https://codeload.github.com/albandes/helpdezk/zip/v1.1...

8.8AI score0.03487EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/04/05 12:0 a.m.63 views

HelpDEZK 1.1.1 - Cross-Site Request Forgery / Code Execution

Exploit Title: Multiple CSRF Remote Code Execution Vulnerability on HelpDEZK 1.1.1 Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor Homepage: http://www.helpdezk.org/ Software Link: https://codeload.github.com/albandes/helpdezk/zip/v1.1...

8.8CVSS8.7AI score0.03487EPSS
Exploits6
Dsquare
Dsquare
added 2015/11/12 12:0 a.m.37 views

HelpDEZk 1.0.1 File Upload

File upload vulnerability in HelpDEZk Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

7.5CVSS9.6AI score0.04798EPSS
Exploits4References1
seebug.org
seebug.org
added 2015/06/01 12:0 a.m.29 views

HelpDezk 1.0.1 /app/modules/admin/views/upload.php 文件上传漏洞

No description provided by source...

7.1AI score
Exploits0
Rows per page
Query Builder