Joomla Helpdesk Pro versions prior to 1.4.0 suffers from cross site scripting, local file disclosure, remote file upload, remote SQL injection, and insecure direct object reference vulnerabilities.
9712ee16b62ebd84fa316ca9325157ce4e08bf0486e35985aa2ded84460b3fa7