CVE-2025-36728

Medium CVSS: 6.3

Cross-Site Request Forgery (CSRF) vulnerability in Simplehelp.This issue affects Simplehelp: before 5.5.11.

Vendor

Product

CWE

Yayın Tarihi

2025-07-25 17:15:31

Güncelleme

2025-08-26 16:58:16

Source Identifier

vulnreport@tenable.com

KEV Date Added

CWE-352 Simplehelp MEDIUM Simple-help 2025

https://www.tenable.com/security/research/tra-2025-24

High

CVE-2025-36727

Inclusion of Functionality from Untrusted Control Sphere vulnerability in Simplehelp.This issue affects Simplehelp: befo…

Critical

CVE-2024-57726

SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to creat…

High

CVE-2024-57727

SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enabl…

High

CVE-2024-57728

SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file s…