Vulnerabilities > Qnap > Helpdesk

DATE CVE VULNERABILITY TITLE RISK
2024-09-06 CVE-2024-27125 Cross-site Scripting vulnerability in Qnap Helpdesk
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk.
network
low complexity
qnap CWE-79
4.8
2021-06-11 CVE-2021-28814 Unspecified vulnerability in Qnap Helpdesk
An improper access control vulnerability has been reported to affect QNAP NAS.
network
low complexity
qnap
8.8
2021-02-03 CVE-2020-2507 OS Command Injection vulnerability in Qnap Helpdesk
The vulnerability have been reported to affect earlier versions of QTS.
network
low complexity
qnap CWE-78
critical
9.8
2021-02-03 CVE-2020-2506 Unspecified vulnerability in Qnap Helpdesk
The vulnerability have been reported to affect earlier versions of QTS.
network
low complexity
qnap
critical
9.8
2020-09-11 CVE-2018-19948 Cross-Site Request Forgery (CSRF) vulnerability in Qnap Helpdesk
The vulnerability have been reported to affect earlier versions of Helpdesk.
network
low complexity
qnap CWE-352
6.5
2020-09-11 CVE-2018-19947 Information Exposure Through an Error Message vulnerability in Qnap Helpdesk
The vulnerability have been reported to affect earlier versions of Helpdesk.
network
low complexity
qnap CWE-209
6.5
2020-09-11 CVE-2018-19946 Improper Certificate Validation vulnerability in Qnap Helpdesk
The vulnerability have been reported to affect earlier versions of Helpdesk.
network
high complexity
qnap CWE-295
5.9
2020-07-01 CVE-2020-2500 Use of Hard-coded Credentials vulnerability in Qnap Helpdesk
This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service.
network
low complexity
qnap CWE-798
6.5
2019-12-04 CVE-2018-0728 Improper Privilege Management vulnerability in Qnap Helpdesk
This improper access control vulnerability in Helpdesk allows attackers to access the system logs.
network
low complexity
qnap CWE-269
7.5
2018-08-13 CVE-2018-0714 Command Injection vulnerability in Qnap Helpdesk
Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS 4.3.3 build 20180528, QTS 4.3.4 build 20180528 and their earlier versions could allow remote attackers to run arbitrary commands in the compromised application.
network
low complexity
qnap CWE-77
critical
9.8