Zucchetti Helpdeskadvanced
10 CVEs affecting Zucchetti Helpdeskadvanced. Latest disclosed: 2025-01-13. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-42228 | High | 8.8 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a re… |
CVE-2023-42231 | High | 8.1 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can delete admin users by sending a request… |
CVE-2023-42232 | High | 7.5 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Navigator/Index function. |
CVE-2023-42227 | High | 7.5 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the WSCView/Save function. |
CVE-2023-42226 | High | 7.5 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via Email/SaveAttachment function. |
CVE-2023-42225 | High | 7.5 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Attachment/DownloadTempFile function. |
CVE-2023-42229 | Medium | 6.5 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal. Arbitrary files can be created on the system via authenticated SOAP re… |
CVE-2023-42233 | Medium | 6.1 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the Filter/FilterEditor function. |
CVE-2023-42230 | Medium | 6.1 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the WSCView/Save function. |
CVE-2023-42234 | Medium | 5.4 | 2025-01-13 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Request Forgery (CSRF) via the WSCView function. |