CVE-2025-48480 FreeScout Has Business Logic Errors

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an authorized user with the administrator role or with the privilege User::PERMEDITUSERS can create a user, specifying the path to the user's avatar ../.htaccess during creation, and then delete the user's...

PT-2025-14062

Name of the Vulnerable Software and Affected Versions JoomSky JS Help Desk versions n/a through 2.9.2 Description The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations For versions n/a through...

HESK Detection (HTTP)

HTTP based detection of HESK. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.148819";...

Open Ticket Request System Reload Vulnerability

OTRS Open Technology Real Service is an open source help desk and IT service management solution. OTRS suffers from a reinstallation vulnerability. Because the program does not validate the installation, an attacker can exploit the vulnerability to reinstall the system and directly manipulate the...

JVN#50347324: ManageEngine ServiceDesk Plus vulnerable to cross-site scripting

ManageEngine ServiceDesk Plus provided by Zoho Corporation is a help desk software. ManageEngine ServiceDesk Plus contains a stored cross-site scripting CWE-79 vulnerability. Impact An arbitrary script may be executed on a web browser of a user that is logged in. Solution Update the software Upda...

Kayako eSupport 3.70.02 - SQL Injection Vulnerability

No description provided by source. Name :Kayako eSupport v3.70.02 SQL Injection Vulnerability Date : july 17,2010 Critical Level : HIGH vendor URL :http://www.kayako.com/solutions/esupport/ google dork:Help Desk Software by Kayako SupportSuite v3.70.02 Author : Sid3^effects aKa HaRi special thank...

Help Desk Software 1.1g - CSRF (add admin) Vulnerability

No description provided by source. Exploit Title: Help Request System 1.1g XSRF add admin Date: 08-23-2011 Google Dork: powered by freehelpdesk.org Author: G13 Software link: http://freehelpdesk.org/ Version: 1.1g html body form id=edit method=post...

Kayako Script Config Download Vulnerability

Kayako Script version 4.57.1.3626 Configuration Can be Downloaded Exploit Title: Remote File Upload Kayako Script Google Dork: Powered by Kayako Fusion Help Desk Software Date: 08.10.2013 Exploit Author: Mauritania Attacker & Virusa Worm Vendor Homepage: http://www.kayako.com/ Software Link:...

Multiple vulnerabilities in Help Desk Software

Vulnerability ID: HTB23041 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinhelpdesksoftware.html Product: Help Desk Software Vendor: freehelpdesk.org http://freehelpdesk.org/ Vulnerable Version: 1.1b and probably prior Tested Version: 1.1b Vendor Notification: 17 August 2011...

ManageEngine ServiceDesk Plus 8.0 Cross Site Scripting

ManageEngine ServiceDesk Plus 8.0 Multiple Stored XSS Vulnerabilities Vendor: Zoho Corporation Pvt. Ltd. Product web page: http://www.manageengine.com Affected version: 8.0.0 Build 8013 Enterprise Summary: ServiceDesk Plus integrates your help desk requests and assets to help you manage your IT...

Multiple vulnerabilities in Help Desk Software

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Help Desk Software, which can be exploited to perform SQL injection, cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting vulnerabilities in Help Desk Software Input passed via the...

Trouble Ticket Software - 'ttx.cgi' Arbitrary File Download

Exploit Title: Trouble Ticket Software 0Day Date: 3/12/2010 Author: n01d Software Link: http://www.troubleticketexpress.com Version: TTX v3.0.640 Tested on: =3.0.640 / \ / | | | | ' \ | | | || | / | | | | || || || || | | || || / || ,| Bob @ http://n01d.com Type: Trouble Ticket Software 0Day...

Trouble Ticket Software - ttx.cgi Arbitrary File Download

Trouble Ticket Software - ttx.cgi Arbitrary File Download Exploit Title: Trouble Ticket Software 0Day Date: 3/12/2010 Author: n01d Software Link: http://www.troubleticketexpress.com Version: TTX v3.0.640 Tested on: =3.0.640 / \ / | | | | ' \ | | | || | / | | | | || || || || | | || || / || ,| Bob...