Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs faq vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-21438
Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions.
Otrs Faq
Otrs Otrs
4
CVSSv2
CVE-2019-10065
An issue exists in Open Ticket Request System (OTRS) 7.0 up to and including 7.0.6. An attacker who is logged into OTRS as a customer user can use the search result screens to disclose information from internal FAQ articles, a different vulnerability than CVE-2019-9753.
Otrs Otrs
4.3
CVSSv2
CVE-2013-2637
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM before 3.2.4, 3.1.8, and 3.0.7 and FAQ before 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.
Otrs Faq
Otrs Otrs Itsm
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
1 EDB exploit
6.4
CVSSv2
CVE-2013-2625
An Access Bypass issue exists in OTRS Help Desk prior to 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM prior to 3.2.3, 3.1.8, and 3.0.7, and FAQ prior to 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified
Otrs Faq
Otrs Otrs Help Desk
Otrs Otrs Itsm
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
4
CVSSv2
CVE-2019-9753
An issue exists in Open Ticket Request System (OTRS) 7.x prior to 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom P...
Otrs Otrs
9
CVSSv2
CVE-2016-5843
Multiple SQL injection vulnerabilities in the FAQ package 2.x prior to 2.3.6, 4.x prior to 4.0.5, and 5.x prior to 5.0.5 in Open Ticket Request System (OTRS) allow remote malicious users to execute arbitrary SQL commands via crafted search parameters.
Otrs Faq 2.3.2
Otrs Faq 2.3.3
Otrs Faq 2.1.2
Otrs Faq 2.1.3
Otrs Faq 2.0.6
Otrs Faq 2.0.7
Otrs Faq 5.0.2
Otrs Faq 5.0.1
Otrs Faq 2.2.1
Otrs Faq 2.2.2
Otrs Faq 2.2.3
Otrs Faq 2.0.2
Otrs Faq 2.0.3
Otrs Faq 4.0.1
Otrs Faq 4.0.2
Otrs Faq 2.3.0
Otrs Faq 2.3.1
Otrs Faq 2.1.0
Otrs Faq 2.1.1
Otrs Faq 2.0.4
Otrs Faq 2.0.5
Otrs Faq 4.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started