Shodan
Vulnerabilities
Vulnerable Software
Trudesk Project:  >> Trudesk  Security Vulnerabilities
CVE-2021-45785
TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an attacker to restart the server, causing a DoS attack. The attacker must craft a webpage that would perform a GET request to the /api/v1/admin/restart endpoint, then the victim (who has sufficient privileges), would visit the page and the server restart would begin. The attacker must know the full URL that TruDesk is on in order to craft the webpage.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-06-24
CVE-2023-26982
Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function.
CVSS Score
5.4
EPSS Score
0.011
Published
2023-03-29
CVE-2022-1718
The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service.
CVSS Score
7.2
EPSS Score
0.002
Published
2022-09-29
CVE-2022-1719
Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page
CVSS Score
5.5
EPSS Score
0.002
Published
2022-09-29
CVE-2022-2128
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.
CVSS Score
9.6
EPSS Score
0.004
Published
2022-06-20
CVE-2022-2023
Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.
CVSS Score
10.0
EPSS Score
0.003
Published
2022-06-20
CVE-2022-1947
Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3.
CVSS Score
9.1
EPSS Score
0.005
Published
2022-05-31
CVE-2022-1808
Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3.
CVSS Score
8.8
EPSS Score
0.005
Published
2022-05-31
CVE-2022-1893
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3.
CVSS Score
4.6
EPSS Score
0.003
Published
2022-05-31
CVE-2022-1926
Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3.
CVSS Score
7.6
EPSS Score
0.004
Published
2022-05-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved