The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28987
https://support.solarwinds.com/SuccessCenter/s/article/SolarWinds-Web-Help-Desk-12-8-3-Hotfix-2
Description Server-Side Request Forgery in URL Mapper in Arctic Security’s Arctic Hub versions 3.0.1764-5.6.1877 allows an unauthenticated remote attacker to
Description A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with
Description IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection