CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...

9.8CVSS7.2AI score0.08233EPSS

Exploits1

RedhatCVE•added 2025/05/23 2:58 a.m.•2 views

CVE-2023-1197

Cross-site Scripting XSS - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0...

4.8CVSS5.9AI score0.00226EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 2:54 a.m.•1 views

CVE-2023-0265

Uvdesk version 1.1.1 allows an authenticated remote attacker to execute commands on the server. This is possible because the application does not properly validate profile pictures uploaded by customers...

8.8CVSS7.3AI score0.01543EPSS

Exploits1References1

RedhatCVE•added 2025/02/05 10:3 a.m.•4 views

CVE-2024-3137

Improper Privilege Management in uvdesk/community-skeleton...

7.1CVSS6.8AI score0.00137EPSS

Exploits0References1

Veracode•added 2024/04/26 1:16 p.m.•16 views

Remote Code Execution

uvdesk/core-framework is vulnerable to Remote Code Execution. This vulnerability is due to insufficient input validation, allowing attackers to upload malicious files which result in Remote Code Execution...

10CVSS7.2AI score0.02799EPSS

Exploits0References3Affected Software1

OSV•added 2024/04/25 11:15 p.m.•12 views

CVE-2024-0916

Unauthenticated file upload allows remote code execution. This issue affects UvDesk Community: from 1.0.0 through 1.1.3...

10CVSS7.7AI score

Exploits0References2

NVD•added 2024/04/25 11:15 p.m.•10 views

CVE-2024-0916

Unauthenticated file upload allows remote code execution. This issue affects UvDesk Community: from 1.0.0 through 1.1.3...

10CVSS9.8AI score0.02799EPSS

Exploits0References2

CVE•added 2024/04/25 11:2 p.m.•66 views

CVE-2024-0916

CVE-2024-0916 affects UVdesk Community (1.0.0–1.1.3) and is due to insufficient input validation that allows unauthenticated file uploads leading to Remote Code Execution (RCE). Public sources describe the vulnerability as an unauthenticated file upload enabling code execution, with references no...

10CVSS9.7AI score0.02799EPSS

Exploits0References2

Cvelist•added 2024/04/25 11:2 p.m.•18 views

CVE-2024-0916 Unauthenticated Remote Code Execution in UvDesk Community

Unauthenticated file upload allows remote code execution. This issue affects UvDesk Community: from 1.0.0 through 1.1.3...

10CVSS10AI score0.02799EPSS

Exploits0References2

Vulnrichment•added 2024/04/25 11:2 p.m.•12 views

CVE-2024-0916 Unauthenticated Remote Code Execution in UvDesk Community

Unauthenticated file upload allows remote code execution. This issue affects UvDesk Community: from 1.0.0 through 1.1.3...

10CVSS7.6AI score0.02799EPSS

Exploits0References2

Positive Technologies•added 2024/04/25 12:0 a.m.•2 views

PT-2024-15917 · Unknown · Uvdesk Community

Name of the Vulnerable Software and Affected Versions: UvDesk Community versions 1.0.0 through 1.1.3 Description: Unauthenticated file upload allows remote code execution. Recommendations: For UvDesk Community versions 1.0.0 through 1.1.3, consider disabling the file upload feature until a patch ...

10CVSS7.8AI score0.02799EPSS

Exploits0References6

CNNVD•added 2024/04/25 12:0 a.m.•2 views

Uvdesk 安全漏洞

Uvdesk is a complete ticket support system open-sourced by Uvdesk India. A security vulnerability exists in UvDesk versions 1.0.0 through 1.1.3 that stems from an unauthenticated file upload allowing remote code execution...

10CVSS8.2AI score0.02799EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by