CVE-2017-7447

HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code.
Configurations

Configuration 1 (hide)

cpe:2.3:a:helpdezk:helpdezk:1.1.1:*:*:*:*:*:*:*

History

21 Nov 2024, 03:31

Type Values Removed Values Added
References () http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html - Exploit, Technical Description, Third Party Advisory () http://rungga.blogspot.co.id/2017/04/multiple-csrf-remote-code-execution.html - Exploit, Technical Description, Third Party Advisory
References () http://www.securityfocus.com/bid/97485 - () http://www.securityfocus.com/bid/97485 -
References () https://github.com/albandes/helpdezk/issues/2 - Patch, Third Party Advisory () https://github.com/albandes/helpdezk/issues/2 - Patch, Third Party Advisory
References () https://www.exploit-db.com/exploits/41824/ - () https://www.exploit-db.com/exploits/41824/ -

Information

Published : 2017-04-05 22:59

Updated : 2024-11-21 03:31


NVD link : CVE-2017-7447

Mitre link : CVE-2017-7447

CVE.ORG link : CVE-2017-7447


JSON object : View

Products Affected

helpdezk

  • helpdezk
CWE
CWE-352

Cross-Site Request Forgery (CSRF)