Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
uvdesk community-skeleton 1.1.1 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated malicious users to perform brute force attacks on the login page to gain access to the application.
Uvdesk Community-skeleton 1.1.1
1 Github repository
8.8
CVSSv3
CVE-2023-0265
Uvdesk version 1.1.1 allows an authenticated remote malicious user to execute commands on the server. This is possible because the application does not properly validate profile pictures uploaded by customers.
Uvdesk Community-skeleton 1.1.1
6.1
CVSSv3
CVE-2023-0325
Uvdesk version 1.1.1 allows an unauthenticated remote malicious user to exploit a stored XSS in the application. This is possible because the application does not correctly validate the message sent by the clients in the ticket.
Uvdesk Community-skeleton 1.1.1
5.4
CVSSv3
CVE-2023-37636
A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket.
Webkul Uvdesk 1.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started