EUVD-2026-23910

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the ticket subject field that allows authenticated staff members to inject malicious JavaScript by manipulating the editsubject POST parameter. Attackers can inject XSS payloads through inadequate sanitization in...

PT-2026-33820

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the template group creation and editing functionality that allows authenticated administrators to inject arbitrary JavaScript by manipulating the companyname POST parameter without HTML sanitization. Attackers can...

CVE-2018-19948

The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery CSRF vulnerability could allow attackers to force NAS users to execute unintentional actions through a web application. QNAP has already fixed the issue in Helpdesk 3.0.3 and...

EUVD-2005-3501

Malware in sbrugna...

EUVD-2021-0056

Malware in sbrugna...

EUVD-2018-1524

Malware in sbrugna...

EUVD-2008-6410

Malware in sbrugna...

EUVD-2021-0054

Malware in sbrugna...

EUVD-2018-1538

Malware in sbrugna...

EUVD-2018-11619

Malware in sbrugna...

EUVD-2018-11617

Malware in sbrugna...

EUVD-2024-54222

Malicious code in bioql PyPI...

CVE-2025-22762

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Octrace WordPress HelpDesk & Support Ticket System Plugin – Octrace Support octrace-support allows Stored XSS.This issue affects WordPress HelpDesk & Support Ticket System Plugin – Octrace Support:...

CVE-2024-27125

A cross-site scripting XSS vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following version: Helpdesk 3.3.1 and later...

PT-2025-22771

Name of the Vulnerable Software and Affected Versions ELEX WordPress HelpDesk & Customer Ticketing System versions 3.2.7 and earlier Description The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. Recommendations...

CVE-2018-19946

The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this improper certificate validation vulnerability could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. QNAP has already fixed the issue in...

CVE-2024-50394

An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: Helpdesk 3.3.3 and later...

CVE-2024-50394

CVE-2024-50394 affects Helpdesk where an improper certificate validation vulnerability exists in versions prior to 3.3.3. The issue could allow remote attackers to compromise system security via network access, with low attack complexity and user interaction required. The provided documents indic...

CVE-2024-50394 Helpdesk

An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: Helpdesk 3.3.3 and later...

CVE-2024-50394 Helpdesk

An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: Helpdesk 3.3.3 and later...