CVE-2019-16959

SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket...

Linux Distros Unpatched Vulnerability : CVE-2015-7684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unrestricted file upload in GLPI before 0.85.3 allows remote authenticated users to execute arbitrary code by adding a file with an executable extension as an...

CVE-2021-42092

The CVE-2021-42092 issue affects Zammad prior to 4.1.1, where a Stored XSS can be triggered when attaching a file to a Ticket via an Article. The root cause is input validation/escaping during attachment handling that allows injected JavaScript to be stored and later executed in the context of th...

Solarwinds WebHelpDesk Injection Vulnerability

Solarwinds WebHelpDesk is a suite of helpdesk and asset management software from Solarwinds USA. The software supports features such as centralized knowledge base, IT asset management, project and task management. An injection vulnerability exists in SolarWinds Web Help Desk version 12.7.0 that...

CVE-2016-7509

Cross-site scripting XSS vulnerability in GLPI 0.90.4 allows remote authenticated attackers to inject arbitrary web script or HTML by attaching a crafted HTML file to a ticket...

CVE-2016-7509

Cross-site scripting XSS vulnerability in GLPI 0.90.4 allows remote authenticated attackers to inject arbitrary web script or HTML by attaching a crafted HTML file to a ticket...