Zucchetti Helpdeskadvanced

10 CVEs affecting Zucchetti Helpdeskadvanced. Latest disclosed: 2025-01-13. Critical: 0, High: 6.

Top CVEs affecting Zucchetti Helpdeskadvanced
CVESeverityScorePublishedSummary
CVE-2023-42228High8.82025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a re…
CVE-2023-42231High8.12025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can delete admin users by sending a request…
CVE-2023-42232High7.52025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Navigator/Index function.
CVE-2023-42227High7.52025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the WSCView/Save function.
CVE-2023-42226High7.52025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via Email/SaveAttachment function.
CVE-2023-42225High7.52025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Attachment/DownloadTempFile function.
CVE-2023-42229Medium6.52025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal. Arbitrary files can be created on the system via authenticated SOAP re…
CVE-2023-42233Medium6.12025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the Filter/FilterEditor function.
CVE-2023-42230Medium6.12025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the WSCView/Save function.
CVE-2023-42234Medium5.42025-01-13Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Request Forgery (CSRF) via the WSCView function.