← Back

Helpdeskadvanced

helpdeskadvanced

Vendor: Zucchetti • 10 CVEs

CVEs (10)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-42234
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Request Forgery (CSRF) via the WSCView function.
CVE-2023-42233
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the Filter/FilterEditor function.
CVE-2023-42232
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Navigator/Index function.
CVE-2023-42231
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can delete admin users by sending a request to the "WSCView/Delete" function.
CVE-2023-42230
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the WSCView/Save function.
CVE-2023-42229
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal. Arbitrary files can be created on the system via authenticated SOAP requests to the WSConnector service.
CVE-2023-42228
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a request to the "AclList/SaveAclRules" administrative function.
CVE-2023-42227
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the WSCView/Save function.
CVE-2023-42226
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via Email/SaveAttachment function.
CVE-2023-42225
1Zucchetti
1Helpdeskadvanced
Apr 17, 2025
Jan 13, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Attachment/DownloadTempFile function.