Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help Desk 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) userid (aka username) and (2) PassWord parameters to...
8.8AI Score
0.001EPSS
Zen Help Desk 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for...
6.5AI Score
0.006EPSS