Vulnerabilities > Ladybirdweb

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-01	CVE-2024-51377	Cross-site Scripting vulnerability in Ladybirdweb Faveo Helpdesk 9.2.0 An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields network low complexity ladybirdweb CWE-79	5.4
2023-06-24	CVE-2023-1724	Cross-site Scripting vulnerability in Ladybirdweb Faveo Helpdesk Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. network low complexity ladybirdweb CWE-79	5.4
2023-03-24	CVE-2023-25350	SQL Injection vulnerability in Ladybirdweb Faveo Helpdesk Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. network low complexity ladybirdweb CWE-89	8.8
2023-03-24	CVE-2023-24625	Authorization Bypass Through User-Controlled Key vulnerability in Ladybirdweb Faveo Servicedesk 5.0.1 Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack. network low complexity ladybirdweb CWE-639	6.5
2017-04-06	CVE-2017-7571	Cross-Site Request Forgery (CSRF) vulnerability in Ladybirdweb Faveo Helpdesk 1.9.3 public/rolechangeadmin in Faveo 1.9.3 allows CSRF. network low complexity ladybirdweb CWE-352	8.0

Vulnerabilities > Ladybirdweb {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ladybirdweb"}]}