Vulnerabilities > RE Desk

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-30	CVE-2020-15849	SQL Injection vulnerability in Re-Desk Re:Desk 2.3 Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates() method. network low complexity re-desk CWE-89	7.2
2020-09-30	CVE-2020-15488	Unrestricted Upload of File with Dangerous Type vulnerability in Re-Desk Re:Desk 2.3 Re:Desk 2.3 allows insecure file upload. network low complexity re-desk CWE-434	7.5
2020-09-30	CVE-2020-15487	SQL Injection vulnerability in Re-Desk Re:Desk 2.3 Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria() function in the protected/models/Ticket.php file. network low complexity re-desk CWE-89 critical	9.8

Vulnerabilities > RE Desk {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"RE Desk"}]}