EUVD-2021-22034

Malware in sbrugna...

CVE-2021-35391

Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL...

CVE-2021-35391

Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL...

CVE-2021-35391

Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL...

Server side request forgery (ssrf)

Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL...

CVE-2021-35391

Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL...

CVE-2021-35391

Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL...

Deskpro 代码问题漏洞

Deskpro is a suite of helpdesk software from Deskpro UK. The software includes a customer relationship management component, among other things, and offers features such as email, live chat, and voice. A security vulnerability exists in Deskpro Support Desk version v2021.21.6. An attacker could...

CVE-2021-35391

CVE-2021-35391 is an SSRF vulnerability in Deskpro Support Desk v2021.21.6 that allows an attacker to execute arbitrary code via a crafted URL. The issue is documented across multiple sources (NVD, Red Hat, PRION, CNNVD, CVE registry, and PT-2023-12262). Affected software: Deskpro Support Desk 20...

PT-2023-12262 · Unknown · Deskpro Support Desk

Name of the Vulnerable Software and Affected Versions: Deskpro Support Desk version 2021.21.6 Description: A Server Side Request Forgery issue allows attackers to execute arbitrary code via a crafted URL. Recommendations: For Deskpro Support Desk version 2021.21.6, update to a newer version that...

WordPress Kanzu Support Desk – WordPress Helpdesk Plugin Plugin <= 2.4.7 is vulnerable to Cross Site Scripting (XSS)

Software Kanzu Support Desk – WordPress Helpdesk Plugin Type Plugin Vulnerable versions = 2.4.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 331294a938f2 Credits Raf...

HackerOne: Create miscellaneous support ticket on anyone's account through [email protected] email

A vulnerability was discovered where an attacker could create support tickets on anyone's account by sending a fake email to [email protected]. This allowed the attacker to create tickets on behalf of victims or even HackerOne staff. The issue was resolved internally and the created tickets...

WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin <= 2.4.7 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin versions = 2.4.7. Solution No patched version available...

WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin <= 2.4.7 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Kanzu Support Desk – WordPress Helpdesk Plugin plugin versions = 2.4.7. Solution No patched version available...

QIWI: DOM XSS triggered in secure support desk

Summary Due to insufficient input sanitization, an attacker can send a crafted WebSocket message that will result in arbitrary code execution in the chat support backend, giving an attacker control to support tickets and client information. Technical details The vulnerability exists in line 2544 ...

iScripts Support Desk 4.1 SQL Injection

Normal Sql postticketbeforeregistersave.php Staff table post : txtname=faris&[email protected]&prty=0&deptid=11 /!1337andselect 1 fromselect count,concatselect select select distinct concat0x7e,0x27,unhexHexcasttablename as char,0x27,0x7e from informationschema.tables where tableschema=databas...

Web hosting administration company InterWorx Hacked !

Web hosting administration company InterWorx Hacked ! Web-hosting administration outfit InterWorx has warned users to change their passwords following a deep penetrating hack attack. The assault on the firm's support desk database exposed users' login credentials because the support desk software...

Kayako eSupport 3.70.02 SQL Injection

Name :Kayako eSupport v3.70.02 SQL Injection Vulnerability Date : july 17,2010 Critical Level : HIGH vendor URL :http://www.kayako.com/solutions/esupport/ google dork:Help Desk Software by Kayako SupportSuite v3.70.02 Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd...