Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-7481

Malware in sbrugna...

7.5CVSS7AI score0.00984EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 3:13 p.m.7 views

CVE-2020-15488

Re:Desk 2.3 allows insecure file upload...

7.5CVSS6.9AI score0.00984EPSS
Exploits1
NVD
NVD
added 2020/09/30 7:15 p.m.14 views

CVE-2020-15488

Re:Desk 2.3 allows insecure file upload...

7.5CVSS0.00984EPSS
Exploits1References2
NVD
NVD
added 2020/09/30 7:15 p.m.13 views

CVE-2020-15849

Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates method. A malicious actor with access to an administrative account could abuse this vulnerability to recover sensitive data from the application's database, allowing for...

7.2CVSS0.02744EPSS
Exploits1References2
Prion
Prion
added 2020/09/30 7:15 p.m.15 views

Unrestricted file upload

Re:Desk 2.3 allows insecure file upload...

5CVSS6.9AI score0.00984EPSS
Exploits1References2
CVE
CVE
added 2020/09/30 6:28 p.m.39 views

CVE-2020-15849

Re:Desk 2.3 contains a blind authenticated SQL injection in the SettingsController::actionEmailTemplates() method. A user with admin access could retrieve sensitive data, bypass authorization, and modify password-reset tokens, potentially leading to account takeovers. The issue could also enable ...

7.2CVSS7.7AI score0.02744EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/09/30 6:26 p.m.37 views

CVE-2020-15488

CVE-2020-15488 affects Re:Desk 2.3 and is described as an insecure file upload vulnerability. Public records note this CVE with an NVD entry (NVD: CVE-2020-15488) and related references; associated scores indicate CVSS v2 base 5.0 (Medium) and CVSS v3.1 base 7.5 (High) with network access and low...

7.5CVSS7AI score0.00984EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/09/30 6:26 p.m.19 views

CVE-2020-15488

Re:Desk 2.3 allows insecure file upload...

7.1AI score0.00984EPSS
Exploits1References2
Prion
Prion
added 2020/09/30 6:15 p.m.13 views

Sql injection

Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria function in the protected/models/Ticket.php file. By modifying the folder GET parameter, it is possible to execute arbitrary SQL statements via a crafted URL. Unauthenticated remote command execution i...

7.5CVSS10AI score0.0369EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/09/30 6:0 p.m.19 views

CVE-2020-15487

Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria function in the protected/models/Ticket.php file. By modifying the folder GET parameter, it is possible to execute arbitrary SQL statements via a crafted URL. Unauthenticated remote command execution i...

10AI score0.0369EPSS
Exploits1References2
CVE
CVE
added 2020/09/30 6:0 p.m.35 views

CVE-2020-15487

Re:Desk 2.3 contains a blind unauthenticated SQL injection in getBaseCriteria() (protected/models/Ticket.php). By altering the folder GET parameter in a crafted URL, arbitrary SQL can be executed, enabling unauthenticated remote command execution via a bizRule eval() in yii/framework/web/auth/CAu...

9.8CVSS10AI score0.0369EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder