Vision Helpdesk SQL Injection Vulnerability
Vision Helpdesk is a web based Helpdesk software which allows to manage support for multiple companies at one place. The staff users can manage all companies tickets from single portal whereas individual companies will have their own client interface. This allow easy management for all tickets at one place.
There was an SQL injection vulnerability in Vision Helpdesk version 3.8.4. Using Vision Helpdesk SQL injection vulnerability, malicious user can obtain any information from the database. Since database contains critical and sensitive information, this Vision Helpdesk SQL injection vulnerability was rated as high.
This vulnerability was tested against version 3.8.4 but it may be existed in all previous version of Vision Helpdesk. Vision Helpdesk released a patch version 3.8.6 to address this SQL injection vulnerability.
If you are using Vision Helpdesk version < 3.8.6, it is highly recommend that you upgrade it as soon as possible.