CVE-2025-36727

High CVSS: 8.3

Inclusion of Functionality from Untrusted Control Sphere vulnerability in Simplehelp.This issue affects Simplehelp: before 5.5.12.

Vendor

Product

CWE

Yayın Tarihi

2025-07-25 17:15:31

Güncelleme

2025-08-26 16:59:10

Source Identifier

vulnreport@tenable.com

KEV Date Added

CWE-829 Simplehelp HIGH Simple-help 2025

https://www.tenable.com/security/research/tra-2025-24

Medium

CVE-2025-36728

Cross-Site Request Forgery (CSRF) vulnerability in Simplehelp.This issue affects Simplehelp: before 5.5.11.

Critical

CVE-2024-57726

SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to creat…

High

CVE-2024-57727

SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enabl…

High

CVE-2024-57728

SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file s…