
CVE-2024-0916 – Unauthenticated Remote Code Execution in UvDesk Community
https://notcve.org/view.php?id=CVE-2024-0916
25 Apr 2024 — Unauthenticated file upload allows remote code execution. This issue affects UvDesk Community: from 1.0.0 through 1.1.3. • https://github.com/uvdesk/core-framework/pull/706 • CWE-434: Unrestricted Upload of File with Dangerous Type

CVE-2023-37636
https://notcve.org/view.php?id=CVE-2023-37636
23 Oct 2023 — A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket. • https://www.esecforte.com/cve-2023-37636-stored-cross-site-scripting • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-39147 – Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)
https://notcve.org/view.php?id=CVE-2023-39147
01 Aug 2023 — An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file. Uvdesk version 1.1.3 suffers from a remote shell upload vulnerability. • https://packetstorm.news/files/id/173878 • CWE-434: Unrestricted Upload of File with Dangerous Type