Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42234 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 5.4 MEDIUM |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Request Forgery (CSRF) via the WSCView function. | |||||
| CVE-2023-42233 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 6.1 MEDIUM |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the Filter/FilterEditor function. | |||||
| CVE-2023-42232 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 7.5 HIGH |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Navigator/Index function. | |||||
| CVE-2023-42231 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 8.1 HIGH |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can delete admin users by sending a request to the "WSCView/Delete" function. | |||||
| CVE-2023-42230 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 6.1 MEDIUM |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via the WSCView/Save function. | |||||
| CVE-2023-42229 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 6.5 MEDIUM |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal. Arbitrary files can be created on the system via authenticated SOAP requests to the WSConnector service. | |||||
| CVE-2023-42228 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 8.8 HIGH |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low privileged users can edit their own ACL rules by sending a request to the "AclList/SaveAclRules" administrative function. | |||||
| CVE-2023-42227 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 7.5 HIGH |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the WSCView/Save function. | |||||
| CVE-2023-42226 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 7.5 HIGH |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via Email/SaveAttachment function. | |||||
| CVE-2023-42225 | 1 Zucchetti | 1 Helpdeskadvanced | 2025-04-17 | N/A | 7.5 HIGH |
| Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Attachment/DownloadTempFile function. | |||||