Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

php ticket php ticket vulnerabilities and exploits

(subscribe to this query)
8
CVSSv3
CVE-2022-39369
phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an malicious user to control th...
Apereo PhpcasFedoraproject Fedora 35Fedoraproject Fedora 36Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2021-21324
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 there is an Insecure Direct Object Reference (IDOR) on "Solutions". This vulnerability gives a...
Glpi-project Glpi
9.8
CVSSv3
CVE-2014-4172
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client prior to 3.3.2, .NET CAS Client prior to 1.0.2, and phpCAS prior to 1.3.3 that allow remote malicious users to inject arbitrary web script or ...
Apereo .net Cas ClientApereo Java Cas ClientApereo PhpcasDebian Debian Linux 7.0Fedoraproject Fedora 20
6.1
CVSSv3
CVE-2016-7103
Cross-site scripting (XSS) vulnerability in jQuery UI prior to 1.12.0 might allow remote malicious users to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
Jqueryui Jquery UiOracle Weblogic Server 12.1.3.0.0Oracle Weblogic Server 10.3.6.0.0Oracle Weblogic Server 12.2.1.3.0Oracle Business Intelligence 12.2.1.3.0Oracle Business Intelligence 12.2.1.4.0Oracle Hospitality Cruise Fleet Management 9.0.11Oracle Application ExpressOracle Primavera UnifierOracle Siebel Ui FrameworkOracle Oss Support ToolsOracle Oss Support Tools 2.12.42Fedoraproject Fedora 30Fedoraproject Fedora 35Fedoraproject Fedora 36Netapp Snapcenter -Redhat Openstack 7.0Redhat Openstack 9Redhat Openstack 8Juniper Junos 21.2Debian Debian Linux 9.0
NA
CVE-2012-6516
SQL injection vulnerability in PHP Ticket System Beta 1 allows remote malicious users to execute arbitrary SQL commands via the q parameter to index.php.
Shawn Bradley Php Ticket System 1.0
NA
CVE-2010-3690
Multiple cross-site scripting (XSS) vulnerabilities in phpCAS prior to 1.1.3, when proxy mode is enabled, allow remote malicious users to inject arbitrary web script or HTML via (1) a crafted Proxy Granting Ticket IOU (PGTiou) parameter to the callback function in client.php, (2)...
Apereo Phpcas 0.2Apereo Phpcas 0.3Apereo Phpcas 0.3.1Apereo Phpcas 0.3.2Apereo Phpcas 0.4Apereo Phpcas 0.4.1Apereo Phpcas 0.4.8Apereo Phpcas 0.4.9Apereo Phpcas 0.4.10Apereo Phpcas 0.4.11Apereo Phpcas 0.4.12Apereo Phpcas 0.4.13Apereo Phpcas 0.4.14Apereo Phpcas 0.4.15Apereo Phpcas 0.4.16Apereo Phpcas 0.4.17Apereo Phpcas 0.4.18Apereo Phpcas 0.4.19Apereo Phpcas 0.4.20Apereo Phpcas 0.4.21Apereo Phpcas 0.4.22Apereo Phpcas 0.4.23
NA
CVE-2010-3692
Directory traversal vulnerability in the callback function in client.php in phpCAS prior to 1.1.3, when proxy mode is enabled, allows remote malicious users to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.
Apereo Phpcas 0.2Apereo Phpcas 0.3Apereo Phpcas 0.3.1Apereo Phpcas 0.3.2Apereo Phpcas 0.4Apereo Phpcas 0.4.1Apereo Phpcas 0.4.8Apereo Phpcas 0.4.9Apereo Phpcas 0.4.10Apereo Phpcas 0.4.11Apereo Phpcas 0.4.12Apereo Phpcas 0.4.13Apereo Phpcas 0.4.14Apereo Phpcas 0.4.15Apereo Phpcas 0.4.16Apereo Phpcas 0.4.17Apereo Phpcas 0.4.18Apereo Phpcas 0.4.19Apereo Phpcas 0.4.20Apereo Phpcas 0.4.21Apereo Phpcas 0.4.22Apereo Phpcas 0.4.23
NA
CVE-2010-2795
phpCAS prior to 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value.
Joachim Fritschi Phpcas 0.5.0Joachim Fritschi Phpcas 0.4.13Joachim Fritschi Phpcas 1.1.0Joachim Fritschi Phpcas 0.4.20Joachim Fritschi Phpcas 0.4.6Joachim Fritschi Phpcas 0.4.14Joachim Fritschi Phpcas 0.4.16Joachim Fritschi Phpcas 0.4.19Joachim Fritschi Phpcas 0.6.0Joachim Fritschi Phpcas 0.3.2Joachim Fritschi Phpcas 0.4.5Joachim Fritschi Phpcas 0.4.2Joachim Fritschi Phpcas 0.4.8Joachim Fritschi Phpcas 0.4.17Joachim Fritschi Phpcas 0.4.4Joachim Fritschi Phpcas 0.4.22Joachim Fritschi Phpcas 0.4.10Joachim Fritschi Phpcas 0.4.11Joachim Fritschi Phpcas 0.4.3Joachim Fritschi Phpcas 0.3Joachim Fritschi Phpcas 0.5.1Joachim Fritschi Phpcas 1.0.0
NA
CVE-2010-1089
SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phptroubleticket Php Trouble Ticket 2.2
NA
CVE-2009-2639
SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a viewticket action.
Mrcgiguy The Ticket System 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flawCVE-2024-23692CVE-2024-26229CVE-2024-35255CVE-2024-5835CVE-2024-5837XML external entitydosCVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook