Vulmon
php ticket vulnerabilities and exploits
8
CVSSv3
CVE-2022-39369
phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows a malicious user to control th...
Apereo Phpcas
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
6.5
CVSSv3
CVE-2021-21324
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 there is an Insecure Direct Object Reference (IDOR) on "Solutions". This vulnerability gives a...
Glpi-project Glpi
9.8
CVSSv3
CVE-2014-4172
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client prior to 3.3.2, .NET CAS Client prior to 1.0.2, and phpCAS prior to 1.3.3 that allows remote malicious users to inject arbitrary web script or ...
Apereo .net Cas Client
Apereo Java Cas Client
Apereo Phpcas
Debian Debian Linux 7.0
Fedoraproject Fedora 20
6.1
CVSSv3
CVE-2016-7103
Cross-site scripting (XSS) vulnerability in jQuery UI prior to 1.12.0 might allow remote malicious users to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
Jqueryui Jquery Ui
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Hospitality Cruise Fleet Management 9.0.11
Oracle Application Express
Oracle Primavera Unifier
Oracle Siebel Ui Framework
Oracle Oss Support Tools
Oracle Oss Support Tools 2.12.42
Fedoraproject Fedora 30
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Snapcenter -
Redhat Openstack 7.0
Redhat Openstack 9
Redhat Openstack 8
Juniper Junos 21.2
Debian Debian Linux 9.0
NA
CVE-2012-6516
SQL injection vulnerability in PHP Ticket System Beta 1 allows remote malicious users to execute arbitrary SQL commands via the q parameter to index.php.
Shawn Bradley Php Ticket System 1.0
1 EDB exploit
NA
CVE-2010-3690
Multiple cross-site scripting (XSS) vulnerabilities in phpCAS prior to 1.1.3, when proxy mode is enabled, allow remote malicious users to inject arbitrary web script or HTML via (1) a crafted Proxy Granting Ticket IOU (PGTiou) parameter to the callback function in client.php, (2)...
Apereo Phpcas 0.2
Apereo Phpcas 0.3
Apereo Phpcas 0.3.1
Apereo Phpcas 0.3.2
Apereo Phpcas 0.4
Apereo Phpcas 0.4.1
Apereo Phpcas 0.4.8
Apereo Phpcas 0.4.9
Apereo Phpcas 0.4.10
Apereo Phpcas 0.4.11
Apereo Phpcas 0.4.12
Apereo Phpcas 0.4.13
Apereo Phpcas 0.4.14
Apereo Phpcas 0.4.15
Apereo Phpcas 0.4.16
Apereo Phpcas 0.4.17
Apereo Phpcas 0.4.18
Apereo Phpcas 0.4.19
Apereo Phpcas 0.4.20
Apereo Phpcas 0.4.21
Apereo Phpcas 0.4.22
Apereo Phpcas 0.4.23
NA
CVE-2010-3692
Directory traversal vulnerability in the callback function in client.php in phpCAS prior to 1.1.3, when proxy mode is enabled, allows remote malicious users to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.
Apereo Phpcas 0.2
Apereo Phpcas 0.3
Apereo Phpcas 0.3.1
Apereo Phpcas 0.3.2
Apereo Phpcas 0.4
Apereo Phpcas 0.4.1
Apereo Phpcas 0.4.8
Apereo Phpcas 0.4.9
Apereo Phpcas 0.4.10
Apereo Phpcas 0.4.11
Apereo Phpcas 0.4.12
Apereo Phpcas 0.4.13
Apereo Phpcas 0.4.14
Apereo Phpcas 0.4.15
Apereo Phpcas 0.4.16
Apereo Phpcas 0.4.17
Apereo Phpcas 0.4.18
Apereo Phpcas 0.4.19
Apereo Phpcas 0.4.20
Apereo Phpcas 0.4.21
Apereo Phpcas 0.4.22
Apereo Phpcas 0.4.23
NA
CVE-2010-2795
phpCAS prior to 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value.
Joachim Fritschi Phpcas 0.5.0
Joachim Fritschi Phpcas 0.4.13
Joachim Fritschi Phpcas 1.1.0
Joachim Fritschi Phpcas 0.4.20
Joachim Fritschi Phpcas 0.4.6
Joachim Fritschi Phpcas 0.4.14
Joachim Fritschi Phpcas 0.4.16
Joachim Fritschi Phpcas 0.4.19
Joachim Fritschi Phpcas 0.6.0
Joachim Fritschi Phpcas 0.3.2
Joachim Fritschi Phpcas 0.4.5
Joachim Fritschi Phpcas 0.4.2
Joachim Fritschi Phpcas 0.4.8
Joachim Fritschi Phpcas 0.4.17
Joachim Fritschi Phpcas 0.4.4
Joachim Fritschi Phpcas 0.4.22
Joachim Fritschi Phpcas 0.4.10
Joachim Fritschi Phpcas 0.4.11
Joachim Fritschi Phpcas 0.4.3
Joachim Fritschi Phpcas 0.3
Joachim Fritschi Phpcas 0.5.1
Joachim Fritschi Phpcas 1.0.0
NA
CVE-2010-1089
SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phptroubleticket Php Trouble Ticket 2.2
1 EDB exploit
NA
CVE-2009-2639
SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a viewticket action.
Mrcgiguy The Ticket System 2.0
1 EDB exploit