VYPR

trudesk

by Polonel

CVEs (16)

  • CVE-2023-26982MedMar 29, 2023
    risk 0.35cvss 5.4epss 0.01

    Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function.

  • CVE-2022-1718HigSep 29, 2022
    risk 0.00cvss 7.5epss 0.01

    The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of…

  • CVE-2022-2128CriJun 20, 2022
    risk 0.00cvss 9.8epss 0.03

    Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.

  • CVE-2022-2023CriJun 20, 2022
    risk 0.00cvss 9.8epss 0.03

    Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.

  • CVE-2022-1947MedMay 31, 2022
    risk 0.00cvss 6.5epss 0.01

    Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3.

  • CVE-2022-1893MedMay 31, 2022
    risk 0.00cvss 4.6epss 0.01

    Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3.

  • CVE-2022-1808HigMay 31, 2022
    risk 0.00cvss 8.8epss 0.03

    Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3.

  • CVE-2022-1926MedMay 31, 2022
    risk 0.00cvss 4.9epss 0.01

    Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3.

  • CVE-2022-1931HigMay 31, 2022
    risk 0.00cvss 8.1epss 0.02

    Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3.

  • CVE-2022-1752HigMay 21, 2022
    risk 0.00cvss 8.0epss 0.02

    Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.

  • CVE-2022-1775CriMay 20, 2022
    risk 0.00cvss 9.8epss 0.02

    Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.

  • CVE-2022-1770HigMay 20, 2022
    risk 0.00cvss 8.8epss 0.02

    Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2.

  • CVE-2022-1754MedMay 20, 2022
    risk 0.00cvss 6.5epss 0.01

    Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2.

  • CVE-2022-1728MedMay 16, 2022
    risk 0.00cvss 6.5epss 0.01

    Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.

  • CVE-2022-1044MedMay 12, 2022
    risk 0.00cvss 6.5epss 0.01

    Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.

  • CVE-2022-1045MedApr 11, 2022
    risk 0.00cvss 5.4epss 0.02

    Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.