Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-33352 | 1 Wyomind | 1 Help Desk | 2025-03-05 | N/A | 9.8 CRITICAL |
| An issue in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via a phar file upload in the ticket message field. | |||||
| CVE-2021-33351 | 1 Wyomind | 1 Help Desk | 2025-03-05 | N/A | 9.0 CRITICAL |
| Cross Site Scripting Vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before and fixed in v.1.3.7 allows attackers to escalte privileges via a crafted payload in the ticket message field. | |||||
| CVE-2021-33353 | 1 Wyomind | 1 Help Desk | 2025-03-04 | N/A | 9.8 CRITICAL |
| Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via the file attachment directory setting. | |||||