CVE-2024-58343

Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to visclientid...

EUVD-2024-55551

Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to visclientid...

CVE-2024-58343

Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to visclientid...

CVE-2024-58343

Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to visclientid...

CVE-2024-58343

Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to visclientid...

CVE-2024-58343

CVE-2024-58343 affects Vision Helpdesk versions prior to 5.7.0, with a patch available in 5.6.10. The issue allows attackers to read user profiles by tampering serialized cookie data in vis_client_id. The CVSS v3.1 base score is 4.3 (MEDIUM) with network attack vector, low attack complexity, and ...

PT-2026-33372

CVE-2024-58343 Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to vis client id. https://t.co/8Cf7DKLrcr...

Vision Helpdesk 安全漏洞

Vision Helpdesk is a customer service software developed by Vision Helpdesk Company in India. Versions of Vision Helpdesk prior to 5.7.0 contained security vulnerabilities, which were caused by improper handling of serialized cookie data. This vulnerability could lead to the reading of user...

EUVD-2025-10922

Malicious code in bioql PyPI...

CVE-2025-32993

Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password aka index.php?/home/forgot-password visusername parameter. Authentication is not needed...

CVE-2025-32993

Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password aka index.php?/home/forgot-password visusername parameter. Authentication is not needed...

CVE-2025-32993

Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password aka index.php?/home/forgot-password visusername parameter. Authentication is not needed...

PT-2025-16290 · Unknown · Vision Helpdesk

Name of the Vulnerable Software and Affected Versions: Vision Helpdesk versions 5.7.0 and earlier Description: The issue allows Time-Based Blind SQL injection via the vis username parameter in the Forgot Password feature, also known as index.php?/home/forgot-password. No authentication is require...

CVE-2025-32993

Vision Helpdesk (versions ≤5.7.0) is vulnerable to a Time-Based Blind SQL injection in the Forgot Password endpoint (index.php?/home/forgot-password) via the vis_username parameter, with unauthenticated access. Affected component is the Forgot Password flow; root cause is improper handling of the...

CVE-2025-32993

Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password aka index.php?/home/forgot-password visusername parameter. Authentication is not needed...

Vision Helpdesk 安全漏洞

Vision Helpdesk is a customer service software from Vision Helpdesk India. A security vulnerability exists in Vision Helpdesk version 5.7.0 and earlier, which stems from a time-based blind SQL injection...

deserveit.visionhelpdesk.com Cross Site Scripting vulnerability OBB-1354238

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...