Vulnerabilities > Helpdesk PRO Project

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-20	CVE-2015-4074	Path Traversal vulnerability in Helpdesk PRO Project Helpdesk PRO Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. network low complexity helpdesk-pro-project CWE-22	7.5
2017-09-20	CVE-2015-4073	SQL Injection vulnerability in Helpdesk PRO Project Helpdesk PRO Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) ticket_code or (2) email parameter or (3) remote authenticated users to execute arbitrary SQL commands via the filter_order parameter. network low complexity helpdesk-pro-project CWE-89 critical	9.8
2017-09-20	CVE-2015-4072	Cross-site Scripting vulnerability in Helpdesk PRO Project Helpdesk PRO Multiple cross-site scripting (XSS) vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via vectors related to name and message. network low complexity helpdesk-pro-project CWE-79	5.4
2017-08-18	CVE-2015-4071	Information Exposure vulnerability in Helpdesk PRO Project Helpdesk PRO The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://{target}/component/helpdeskpro/?view=ticket&id={ticketId}. network low complexity helpdesk-pro-project CWE-200	5.3

Vulnerabilities > Helpdesk PRO Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Helpdesk PRO Project"}]}

Vulnerabilities > Helpdesk PRO Project