33 matches found
EUVD-2023-1033
Malicious code in bioql PyPI...
EUVD-2023-41517
Malicious code in bioql PyPI...
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...
CVE-2023-1197
Cross-site Scripting XSS - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0...
CVE-2024-3137
Improper Privilege Management in uvdesk/community-skeleton...
CVE-2024-3137
Improper Privilege Management in uvdesk/community-skeleton...
CVE-2024-3137
CVE-2024-3137 affects uvdesk/community-skeleton. The issue is described as improper privilege management arising from inadequate access controls. According to the entry, the vulnerability has a CVSSv3 base score of 7.1 (HIGH): network attack vector, low attack complexity, privileges required: LOW...
CVE-2024-3137 Improper Privilege Management in uvdesk/community-skeleton
Improper Privilege Management in uvdesk/community-skeleton...
community-skeleton 安全漏洞
community-skeleton is a service-oriented, event-driven, extensible open source helpdesk system. A security vulnerability exists in uvdesk community-skeleton that stems from improper privilege management...
PT-2024-24015 · Unknown · Uvdesk Community Skeleton
Name of the Vulnerable Software and Affected Versions: uvdesk/community-skeleton affected versions not specified Description: The issue concerns improper privilege management. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...
CVE-2023-37636
A stored cross-site scripting XSS vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket...
CVE-2023-37636
A stored cross-site scripting XSS vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket...
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...
Code injection
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...
Cross site scripting
A stored cross-site scripting XSS vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket...
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...
CVE-2023-37636
A stored cross-site scripting XSS vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket...
PT-2023-26052 · Unknown · Uvdesk Community Skeleton
Name of the Vulnerable Software and Affected Versions: UVDesk Community Skeleton version 1.1.1 Description: The issue allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application. This can be done through the login page, allowing attackers to...