Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-33353 | 1 Wyomind | 1 Help Desk | 2024-11-21 | N/A | 9.8 CRITICAL |
Directory Traversal vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via the file attachment directory setting. | |||||
CVE-2021-33352 | 1 Wyomind | 1 Help Desk | 2024-11-21 | N/A | 9.8 CRITICAL |
An issue in Wyomind Help Desk Magento 2 extension v.1.3.6 and before fixed in v.1.3.7 allows attacker to execute arbitrary code via a phar file upload in the ticket message field. | |||||
CVE-2021-33351 | 1 Wyomind | 1 Help Desk | 2024-11-21 | N/A | 9.0 CRITICAL |
Cross Site Scripting Vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before and fixed in v.1.3.7 allows attackers to escalte privileges via a crafted payload in the ticket message field. |