Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:31 a.m.4 views

CVE-2023-1125

The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own...

6.5CVSS8.7AI score0.00559EPSS
Exploits1References1
OSV
OSV
added 2023/05/02 8:15 a.m.3 views

CVE-2023-1125

The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own...

6.5CVSS6.9AI score0.00559EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/05/02 12:0 a.m.4 views

WordPress plugin Ruby Help Desk 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

6.5CVSS7.1AI score0.00559EPSS
Exploits1References2
Code423n4
Code423n4
added 2023/03/09 12:0 a.m.9 views

The claimWinningTickets() function does not include a check to ensure that the caller owns the tickets, or if has already been claimed

Lines of code Vulnerability details The claimWinningTickets function in the contract contains multiple vulnerabilities that can result in a loss of funds for the contract and its users. Firstly, the function can be called by anyone, even if they are not the owner of the ticket, allowing malicious...

7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.7 views

SUSE CVE-2018-12642

Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user...

7.5CVSS7.6AI score0.01398EPSS
Exploits0References3
Rows per page
Query Builder