Ladybirdweb Faveo Helpdesk — known CVE vulnerabilities
Every CVE whose affected-product data names Ladybirdweb Faveo Helpdesk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-25350 — CVSS 8.8 (high): Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. When the user logs in through the login box, he has no judgment on the validity…
CVE-2017-7571 — CVSS 8.0 (high): public/rolechangeadmin in Faveo 1.9.3 allows CSRF. The impact is obtaining admin privileges.
CVE-2023-1724 — CVSS 7.3 (high): Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This…
CVE-2024-51377 — CVSS 5.4 (medium): An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary…