Vulnerabilities > Wyomind

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-08	CVE-2021-33351	Cross-site Scripting vulnerability in Wyomind Help Desk Cross Site Scripting Vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before and fixed in v.1.3.7 allows attackers to escalte privileges via a crafted payload in the ticket message field. network low complexity wyomind CWE-79 critical	9.0
2023-03-08	CVE-2021-33352	Unrestricted Upload of File with Dangerous Type vulnerability in Wyomind Help Desk An issue in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via a phar file upload in the ticket message field. network low complexity wyomind CWE-434 critical	9.8
2023-03-08	CVE-2021-33353	Path Traversal vulnerability in Wyomind Help Desk Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via the file attachment directory setting. network low complexity wyomind CWE-22 critical	9.8

Vulnerabilities > Wyomind {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wyomind"}]}