Cnesty Helpcom vulnerabilities
3 known vulnerabilities affecting cnesty/helpcom.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2020-7856P2CRITICALCVSS 9.8fixed in 11.2020≥ unspecified, ≤ 10.02021-04-20
CVE-2020-7856 [CRITICAL] CWE-287 CVE-2020-7856: A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. Thi
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
nvd
CVE-2020-7871P2CRITICALCVSS 9.8fixed in 10.0≥ 10.0, < 10.0(2020.11)2021-06-29
CVE-2020-7871 [CRITICAL] CWE-20 CVE-2020-7871: A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. Thi
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient validation of the parameter. This issue affects: Cnesty Helpcom 10.0 versions prior to.
nvd
CVE-2020-7846P3HIGHCVSS 8.8fixed in 10.02021-02-24
CVE-2020-7846 [HIGH] CWE-321 CVE-2020-7846: Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcode
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page.
nvd