Lucene search
K

52 matches found

Cvelist
Cvelist
added 2023/03/24 12:0 a.m.21 views

CVE-2023-25350

Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. When the user logs in through the login box, he has no judgment on the validity of the user's input data. The parameters passed from the front end to the back end are controllable, which will lead to SQL injection...

9.3AI score0.00805EPSS
Exploits1References2
CVE
CVE
added 2021/10/01 3:42 p.m.46 views

CVE-2021-40925

CVE-2021-40925 is an XSS vulnerability in dompdf/dompdf/www/demo.php used by infaveo-helpdesk v1.11.0 and earlier. The issue arises from reflecting the $_SERVER["PHP_SELF"] parameter, enabling remote attackers to inject arbitrary script/HTML. Affected component: demo.php in the dompdf/dompdf pack...

6.1CVSS6AI score0.00818EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/10/01 12:0 a.m.3 views

Faveo Helpdesk 跨站脚本漏洞

Faveo Helpdesk is an open source ticketing system built by Faveo based on Laravel framework. A cross-site scripting vulnerability in Faveo Helpdesk v1.11.0 and below allows remote attackers to inject arbitrary web script or HTML via the $SERVER"PHPSELF" parameter...

6.1CVSS6.2AI score0.00818EPSS
Exploits1References2
CNVD
CNVD
added 2017/04/10 12:0 a.m.6 views

Faveo Cross-Site Request Forgery Vulnerability

Faveo is an open source , based on the Laravel framework of the ticket management system . A cross-site request forgery vulnerability exists in public/rolechangeadmin in Faveo version 1.9.3. A remote attacker can exploit this vulnerability to gain administrator privileges...

8CVSS7.2AI score0.02248EPSS
Exploits1References1
NVD
NVD
added 2017/04/06 5:59 p.m.13 views

CVE-2017-7571

public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges...

8CVSS7.9AI score0.02248EPSS
Exploits1References4
Prion
Prion
added 2017/04/06 5:59 p.m.13 views

Cross site request forgery (csrf)

public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges...

6CVSS7.9AI score0.02248EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2017/04/06 5:59 p.m.13 views

CVE-2017-7571

public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges...

8CVSS6.9AI score
Exploits0References4
Cvelist
Cvelist
added 2017/04/06 5:0 p.m.17 views

CVE-2017-7571

public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges...

7.9AI score0.02248EPSS
Exploits1References4
CVE
CVE
added 2017/04/06 5:0 p.m.55 views

CVE-2017-7571

The CVE-2017-7571 entry concerns Faveo Open Source (ticketing system) version 1.9.3, where a CSRF in public/rolechangeadmin enables privilege escalation to administrator. The vulnerability is described as CSRF leading to admin rights, with public/rolechangeadmin being the affected component and F...

8CVSS7.8AI score0.02248EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2017/04/05 12:0 a.m.46 views

Faveo Helpdesk Community 1.9.3 Cross Site Request Forgery

Exploit Title: CSRF / Privilege Escalation Manipulation of Role Agent to Admin on Faveo version Community 1.9.3 Google Dork: no Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor Homepage: http://www.faveohelpdesk.com/ Software Link:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.51 views

Faveo Helpdesk Community 1.9.3 - Cross-Site Request Forgery

Faveo Helpdesk Community 1.9.3 - Cross-Site Request Forgery Exploit Title: CSRF / Privilege Escalation Manipulation of Role Agent to Admin on Faveo version Community 1.9.3 Google Dork: no Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/05 12:0 a.m.50 views

Faveo Helpdesk Community 1.9.3 - Cross-Site Request Forgery

Exploit Title: CSRF / Privilege Escalation Manipulation of Role Agent to Admin on Faveo version Community 1.9.3 Google Dork: no Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor Homepage: http://www.faveohelpdesk.com/ Software Link:...

7.4AI score
Exploits0
Rows per page
Query Builder