Vulnerabilities > Ladybirdweb > Faveo Helpdesk

DATE CVE VULNERABILITY TITLE RISK
2024-11-01 CVE-2024-51377 Cross-site Scripting vulnerability in Ladybirdweb Faveo Helpdesk 9.2.0
An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields
network
low complexity
ladybirdweb CWE-79
5.4
5.4
2023-06-24 CVE-2023-1724 Cross-site Scripting vulnerability in Ladybirdweb Faveo Helpdesk
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application.
network
low complexity
ladybirdweb CWE-79
5.4
5.4
2023-03-24 CVE-2023-25350 SQL Injection vulnerability in Ladybirdweb Faveo Helpdesk
Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection.
network
low complexity
ladybirdweb CWE-89
8.8
8.8
2017-04-06 CVE-2017-7571 Cross-Site Request Forgery (CSRF) vulnerability in Ladybirdweb Faveo Helpdesk 1.9.3
public/rolechangeadmin in Faveo 1.9.3 allows CSRF.
network
low complexity
ladybirdweb CWE-352
8.0
8.0