Skip to main content

Faveo Helpdesk

4 CVEs product

Monthly

CVE-2024-51377 MEDIUM POC This Month

An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Faveo Helpdesk
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-1724 MEDIUM POC This Month

Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation XSS Faveo Helpdesk
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-25350 HIGH POC This Week

Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Faveo Helpdesk
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2017-7571 HIGH POC This Week

public/rolechangeadmin in Faveo 1.9.3 allows CSRF. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Faveo Helpdesk
NVD GitHub Exploit-DB
CVSS 3.1
8.0
EPSS
0.3%
EPSS 0% CVSS 5.4
MEDIUM POC This Month

An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Faveo Helpdesk
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation XSS Faveo Helpdesk
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC This Week

Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Faveo Helpdesk
NVD GitHub
EPSS 0% CVSS 8.0
HIGH POC This Week

public/rolechangeadmin in Faveo 1.9.3 allows CSRF. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Faveo Helpdesk
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy