Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
uvdesk community-skeleton 1.1.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0325
Uvdesk version 1.1.1 allows an unauthenticated remote malicious user to exploit a stored XSS in the application. This is possible because the application does not correctly validate the message sent by the clients in the ticket.
Uvdesk Community-skeleton 1.1.1
NA
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated malicious users to perform brute force attacks on the login page to gain access to the application.
Uvdesk Community-skeleton 1.1.1
1 Github repository
NA
CVE-2023-0265
Uvdesk version 1.1.1 allows an authenticated remote malicious user to execute commands on the server. This is possible because the application does not properly validate profile pictures uploaded by customers.
Uvdesk Community-skeleton 1.1.1
NA
CVE-2023-37636
A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket.
Webkul Uvdesk 1.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started