EUVD-2021-21897

Malware in sbrugna...

EUVD-2019-10559

Malware in sbrugna...

CVE-2021-35254

SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future...

CVE-2021-35254

SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future...

CVE-2021-35254

SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future...

Input validation

SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future...

CVE-2021-35254

CVE-2021-35254 affects SolarWinds WebHelpDesk (12.7.8 and earlier). The issue stems from an input that was not sanitized/validated, enabling exploitation. Public records describe this as an authenticated remote code execution risk. SolarWinds mitigated by removing the vulnerable input field to pr...

CVE-2021-35254 Authenticated Remote Code Execution in WebHelpDesk 12.7.8

SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. SolarWinds has removed this input field to prevent the misuse of this input in the future...

Solarwinds WebHelpDesk Injection Vulnerability

Solarwinds WebHelpDesk is a suite of helpdesk and asset management software from Solarwinds USA. The software supports features such as centralized knowledge base, IT asset management, project and task management. An injection vulnerability exists in SolarWinds Web Help Desk version 12.7.0 that...

SolarWinds WebHelpDesk Code Injection Vulnerability

SolarWinds WebHelpDesk is a suite of helpdesk and asset management software from SolarWinds USA. The software supports centralized knowledge base, IT asset management, project and task management, and more. A security vulnerability exists in the export feature in SolarWinds WebHelpDesk version...

CVE-2019-20002

Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value provided by a low-privileged user in the Subject field of a help request form that is mishandled in a TicketActions/view?tab=group TSV export by an admin user...

CVE-2019-20002

Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value provided by a low-privileged user in the Subject field of a help request form that is mishandled in a TicketActions/view?tab=group TSV export by an admin user...

Design/Logic Flaw

Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value provided by a low-privileged user in the Subject field of a help request form that is mishandled in a TicketActions/view?tab=group TSV export by an admin user...

CVE-2019-20002

SolarWinds WebHelpDesk 12.7.1 contains a Formula Injection vulnerability in the export feature. A low-privileged user can provide a value in the Subject field of a help request form, which is mishandled during a TSV export performed by an admin user via TicketActions/view?tab=group. This leads to...

CVE-2019-20002

Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value provided by a low-privileged user in the Subject field of a help request form that is mishandled in a TicketActions/view?tab=group TSV export by an admin user...

ActivDesk 3.0 Cross Site Scripting / SQL Injection

ActivDesk 3.0 multiple security vulnerabilities Date: 2011-06-24 Author: Brendan Coles Advisory: http://itsecuritysolutions.org/2011-06-24-ActivDesk-3.0-multiple-security-vulnerabilities/ Software: ActivDesk Version: alert0 http://localhost/PATH/search.cgi?keywords1=alert1...

ActivDesk 3.0 - Multiple Vulnerabilities

ActivDesk 3.0 multiple security vulnerabilities Date: 2011-06-24 Author: Brendan Coles Advisory: http://itsecuritysolutions.org/2011-06-24-ActivDesk-3.0-multiple-security-vulnerabilities/ Software: ActivDesk Version: alert0 http://localhost/PATH/search.cgi?keywords1=alert1...

ActivDesk 3.0 multiple security vulnerabilities

Exploit for cgi platform in category web applications Software: ActivDesk Version: alert0 http://localhost/PATH/search.cgi?keywords1=alert1 http://localhost/PATH/search.cgi?keywords2=alert2 http://localhost/PATH/search.cgi?keywords3=alert3 Blind SQL Injection: http://localhost/PATH/kbcat.cgi?cid=...

LeighBusinessEnterprisesWebHelpDeskSQL注入漏洞 Exploit

No description provided by source. Noam Rathaus （[email protected]）提供了如下测试方法： !/usr/bin/perl use IO::Socket; use strict; my $host = $ARGV0; my $Path = $ARGV1; my $Email = $ARGV2; my $Password = $ARGV3; if $ARGV+1 4 print "lbehelpdesk.pl host path email password\n"; exit0; my $remote =...