Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
uvdesk community-skeleton 1.1.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated malicious users to perform brute force attacks on the login page to gain access to the application.
Uvdesk Community-skeleton 1.1.1
1 Github repository
NA
CVE-2023-37636
A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket.
Webkul Uvdesk 1.1.1
NA
CVE-2023-0265
Uvdesk version 1.1.1 allows an authenticated remote malicious user to execute commands on the server. This is possible because the application does not properly validate profile pictures uploaded by customers.
Uvdesk Community-skeleton 1.1.1
NA
CVE-2023-0325
Uvdesk version 1.1.1 allows an unauthenticated remote malicious user to exploit a stored XSS in the application. This is possible because the application does not correctly validate the message sent by the clients in the ticket.
Uvdesk Community-skeleton 1.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started