← Back

Simplehelp

simplehelp

Vendor: Simple Help • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-36728
1Simple Help
1Simplehelp
Aug 26, 2025
Jul 25, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Simplehelp.This issue affects Simplehelp: before 5.5.11.
CVE-2025-36727
1Simple Help
1Simplehelp
Aug 26, 2025
Jul 25, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
Inclusion of Functionality from Untrusted Control Sphere vulnerability in Simplehelp.This issue affects Simplehelp: before 5.5.12.
CVE-2024-57728
1Simple Help
1Simplehelp
Apr 24, 2026
Jan 15, 2025
N/A· v4
7.2 HIGH· v3
N/A· v2
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary co...Show more
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.Show less
CVE-2024-57727
1Simple Help
1Simplehelp
Nov 4, 2025
Jan 15, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted...Show more
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing various secrets and hashed user passwords.Show less
CVE-2024-57726
1Simple Help
1Simplehelp
Apr 24, 2026
Jan 15, 2025
N/A· v4
9.9 CRITICAL· v3
N/A· v2
SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the serv...Show more
SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.Show less