Webkul Uvdesk vulnerabilities
2 known vulnerabilities affecting webkul/uvdesk.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-39147P3HIGHCVSS 7.8PoCv1.1.32023-08-01
CVE-2023-39147 [HIGH] CWE-434 CVE-2023-39147: An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code vi
An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file.
nvd
CVE-2023-37636P4MEDIUMCVSS 5.4v1.1.12023-10-23
CVE-2023-37636 [MEDIUM] CWE-79 CVE-2023-37636: A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attacke
A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket.
nvd