Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Prion
Prionadded 2017/09/20 4:29 p.m.14 views

Directory traversal

Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter in a ticket.downloadattachment task...

5CVSS7.2AI score0.8582EPSS
Exploits5References4Affected Software1
NVD
NVDadded 2017/09/20 4:29 p.m.12 views

CVE-2015-4073

Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the 1 ticketcode or 2 email parameter or 3 remote authenticated users to execute arbitrary SQL commands via the filterorder parameter...

9.8CVSS9.8AI score0.10155EPSS
Exploits6References4
NVD
NVDadded 2017/09/20 4:29 p.m.12 views

CVE-2015-4074

Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter in a ticket.downloadattachment task...

7.5CVSS7.5AI score0.8582EPSS
Exploits5References4
CVE
CVEadded 2017/09/20 4:0 p.m.60 views

CVE-2015-4074

CVE-2015-4074 is a proven Local File Inclusion / path traversal vulnerability in the Joomla! Helpdesk Pro plugin < 1.4.0. The issue allows reading arbitrary files via a .. in the filename parameter of the ticket.download_attachment task. Affected software: Joomla! Helpdesk Pro plugin versions ...

7.5CVSS7.5AI score0.8582EPSS
Exploits5References4Affected Software1
Cvelist
Cvelistadded 2017/09/20 4:0 p.m.18 views

CVE-2015-4073

Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the 1 ticketcode or 2 email parameter or 3 remote authenticated users to execute arbitrary SQL commands via the filterorder parameter...

9.5AI score0.10155EPSS
Exploits6References4
CVE
CVEadded 2017/09/20 4:0 p.m.48 views

CVE-2015-4075

CVE-2015-4075 – Joomla! Helpdesk Pro (

8.1CVSS7.9AI score0.17382EPSS
Exploits5References4Affected Software1
NVD
NVDadded 2017/08/18 6:29 p.m.14 views

CVE-2015-4071

The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://target/component/helpdeskpro/?view=ticket&id=ticketId...

5.3CVSS5.3AI score0.12639EPSS
Exploits5References5
Prion
Prionadded 2017/08/18 6:29 p.m.12 views

Code injection

The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://target/component/helpdeskpro/?view=ticket&id=ticketId...

5CVSS7.2AI score0.12639EPSS
Exploits5References5Affected Software1
Cvelist
Cvelistadded 2017/08/18 6:0 p.m.18 views

CVE-2015-4071

The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://target/component/helpdeskpro/?view=ticket&id=ticketId...

5.8AI score0.12639EPSS
Exploits5References5
CVE
CVEadded 2017/08/18 6:0 p.m.54 views

CVE-2015-4071

CVE-2015-4071 affects the Joomla! Helpdesk Pro Plugin prior to version 1.4.0. The vulnerability is an information disclosure: remote attackers can read arbitrary users’ support tickets by obtaining a ticketId and visiting /component/helpdeskpro/?view=ticket&id={ticketId}. Root cause is improper a...

5.3CVSS6.4AI score0.12639EPSS
Exploits5References5Affected Software1
Rows per page
Query Builder