Uvdesk version 1.1.1 allows an authenticated remote malicious user to execute commands on the server. This is possible because the application does not properly validate profile pictures uploaded by customers.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
uvdesk community-skeleton 1.1.1 |