Skip to main content

Community Skeleton

4 CVEs product

Monthly

CVE-2023-37635 CRITICAL POC Act Now

UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Community Skeleton
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-0325 PHP MEDIUM POC This Month

Uvdesk version 1.1.1 allows an unauthenticated remote attacker to exploit a stored XSS in the application. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Community Skeleton
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-0265 PHP HIGH POC This Week

Uvdesk version 1.1.1 allows an authenticated remote attacker to execute commands on the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Community Skeleton
NVD GitHub
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-1197 PHP MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Community Skeleton
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Community Skeleton
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Uvdesk version 1.1.1 allows an unauthenticated remote attacker to exploit a stored XSS in the application. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Community Skeleton
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

Uvdesk version 1.1.1 allows an authenticated remote attacker to execute commands on the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Community Skeleton
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Community Skeleton
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy