Headstart Solutions Deskpro — known CVE vulnerabilities
Every CVE whose affected-product data names Headstart Solutions Deskpro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2006-6974 — CVSS 7.5 (high): Headstart Solutions DeskPRO stores sensitive information under the web root with insufficient access control, which allows remote attackers…
CVE-2006-6973 — CVSS 7.5 (high): Headstart Solutions DeskPRO does not require authentication for certain files and directories associated with administrative activities…
CVE-2006-7000 — CVSS 5.0 (medium): Headstart Solutions DeskPRO allows remote attackers to obtain the full path via direct requests to (1) email/mail.php, (2)…
CVE-2006-6998 — CVSS 5.0 (medium): install/loader_help.php in Headstart Solutions DeskPRO allows remote attackers to obtain configuration information via a q=phpinfo…
CVE-2006-6999 — CVSS 4.3 (medium): attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file number in a modified…