📦 Trudesk

This vulnerability involves incorrect use of privileged APIs in the trudesk help desk software, allowing attackers to execute arbitrary code with elevated privileges. It affects all users running trud...

CVE-2022-1775 is a critical authentication vulnerability in the truDesk helpdesk software that allows attackers to bypass weak password requirements and potentially gain unauthorized access. This affe...

CVE-2022-1931 is an incorrect synchronization vulnerability in the trudesk help desk software that can lead to race conditions and data corruption. Attackers could exploit this to cause denial of serv...

This vulnerability allows attackers to upload malicious files to the truDesk helpdesk software due to insufficient file type validation. Attackers could upload executable files like PHP scripts, poten...

CVE-2022-1770 is an improper privilege management vulnerability in the trudesk helpdesk software that allows authenticated users to escalate their privileges to administrator level. This affects all t...

This CSRF vulnerability in TruDesk Help Desk/Ticketing Solution v1.1.11 allows attackers to force privileged users to restart the server via a crafted webpage, causing a denial of service. Attackers n...

This stored XSS vulnerability in Trudesk v1.2.6 allows attackers to inject malicious scripts via the Add Tags parameter when creating tickets. When other users view affected tickets, the scripts execu...