ServicetonicCVEs & Vulnerabilities
3 CVEs affecting Servicetonic products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
3 CVEs→ All vendors
Most Affected Products
servicetonic 3
CVE-2021-28024CRITICAL
Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password.
8 Nov 2021
9.8
CVSS
CVE-2021-28023CRITICAL
Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extracts files in relative paths.
8 Nov 2021
9.8
CVSS
CVE-2021-28022HIGH
Blind SQL injection in the login form in ServiceTonic Helpdesk software < 9.0.35937 allows attacker to exfiltrate information via specially crafted HQL-compatible time-based SQL queries.
8 Nov 2021
7.5
CVSS
← PrevPage 1 / 1Next →