CVE-2021-28022

Blind SQL injection in the login form in ServiceTonic Helpdesk software 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries...

CVE-2021-28024

Unauthorized system access in the login form in ServiceTonic Helpdesk software version 9.0.35937 allows attacker to login without using a password...

EUVD-2021-14742

Malware in sbrugna...

EUVD-2021-14741

Malware in sbrugna...

CVE-2021-28023

Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths...

CVE-2021-28023

Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths...

CVE-2021-28024

Unauthorized system access in the login form in ServiceTonic Helpdesk software version 9.0.35937 allows attacker to login without using a password...

CVE-2021-28024

Unauthorized system access in the login form in ServiceTonic Helpdesk software version 9.0.35937 allows attacker to login without using a password...

CVE-2021-28022

Blind SQL injection in the login form in ServiceTonic Helpdesk software 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries...

Sql injection

Blind SQL injection in the login form in ServiceTonic Helpdesk software 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries...

Design/Logic Flaw

Unauthorized system access in the login form in ServiceTonic Helpdesk software version 9.0.35937 allows attacker to login without using a password...

Design/Logic Flaw

Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths...

CVE-2021-28024

CVE-2021-28024 affects ServiceTonic Helpdesk prior to version 9.0.35937. The vulnerability is an improper access control in the login form that lets an attacker sign in without a password, enabling unauthorized system access. Connected documents corroborate the issue across multiple sources (Red ...

CVE-2021-28024

Unauthorized system access in the login form in ServiceTonic Helpdesk software version 9.0.35937 allows attacker to login without using a password...

CVE-2021-28023

CVE-2021-28023 affects ServiceTonic Helpdesk software prior to version 9.0.35937. An arbitrary file upload vulnerability exists in the Service import feature, allowing a malicious user to execute JSP code by uploading a ZIP that extracts files using relative paths. Root cause: extraction of archi...

CVE-2021-28023

Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths...

CVE-2021-28022

Blind SQL injection in the login form in ServiceTonic Helpdesk software 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries...

CVE-2021-28022

CVE-2021-28022 affects ServiceTonic Helpdesk software prior to 9.0.35937. The root cause is a blind SQL injection in the login form, allowing an attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries. Affected product: ServiceTonic Helpdesk. Impact stated i...