Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bestpractical rt 3.8.15 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-4732
Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions prior to 3.8.15, and 4.0.6 and other versions prior to 4.0.8, allows remote malicious users to hijack the authentication of users for requests that toggle ticket bookmarks.
Bestpractical Rt 3.8.13
Bestpractical Rt 3.8.14
Bestpractical Rt 3.8.12
Bestpractical Rt 4.0.6
Bestpractical Rt 4.0.8
Bestpractical Rt 4.0.7
7.5
CVSSv2
CVE-2013-3525
SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ShowPending parameter. NOTE: the vendor disputes this issue, stating "We were unable to replicate it, and th...
Bestpractical Request Tracker 3.8.15
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 3.8.16
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 3.8.7
Bestpractical Request Tracker 3.6.8
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker
Bestpractical Request Tracker 4.0.4
Bestpractical Request Tracker 3.8.14
Bestpractical Request Tracker 3.6.10
Bestpractical Request Tracker 3.8.9
Bestpractical Request Tracker 3.8.10
Bestpractical Request Tracker 3.8.13
Bestpractical Request Tracker 3.8.11
Bestpractical Request Tracker 3.8.12
Bestpractical Request Tracker 4.0.8
Bestpractical Request Tracker 4.0.3
Bestpractical Request Tracker 3.8.4
1 EDB exploit
5
CVSSv2
CVE-2015-1165
RT (aka Request Tracker) 3.8.8 up to and including 4.x prior to 4.0.23 and 4.2.x prior to 4.2.10 allows remote malicious users to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.
Fedoraproject Fedora 22
Debian Debian Linux 7.0
Fedoraproject Fedora 21
Bestpractical Request Tracker 4.2.3
Bestpractical Request Tracker 4.2.6
Bestpractical Request Tracker 4.0.18
Bestpractical Request Tracker 3.8.15
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.17
Bestpractical Request Tracker 4.0.21
Bestpractical Request Tracker 4.0.22
Bestpractical Request Tracker 3.8.16
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.2.2
Bestpractical Request Tracker 4.0.15
Bestpractical Request Tracker 4.2.7
Bestpractical Request Tracker 4.2.0
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker 4.0.10
7.1
CVSSv2
CVE-2014-9472
The email gateway in RT (aka Request Tracker) 3.0.0 up to and including 4.x prior to 4.0.23 and 4.2.x prior to 4.2.10 allows remote malicious users to cause a denial of service (CPU and disk consumption) via a crafted email.
Debian Debian Linux 7.0
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Bestpractical Request Tracker 4.2.3
Bestpractical Request Tracker 4.2.6
Bestpractical Request Tracker 4.0.18
Bestpractical Request Tracker 3.8.15
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.17
Bestpractical Request Tracker 4.0.21
Bestpractical Request Tracker 4.0.22
Bestpractical Request Tracker 3.8.16
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.2.2
Bestpractical Request Tracker 3.8.7
Bestpractical Request Tracker 4.0.15
Bestpractical Request Tracker 4.2.7
Bestpractical Request Tracker 4.2.0
Bestpractical Request Tracker 3.6.8
Bestpractical Request Tracker 4.0.1
4.3
CVSSv2
CVE-2012-6578
Best Practical Solutions RT 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote malicious users to spoof messages by leveraging the lack of auth...
Bestpractical Request Tracker 3.8.7
Bestpractical Request Tracker 3.8.14
Bestpractical Request Tracker 3.8.9
Bestpractical Request Tracker 3.8.10
Bestpractical Request Tracker 3.8.13
Bestpractical Request Tracker 3.8.11
Bestpractical Request Tracker 3.8.12
Bestpractical Request Tracker 3.8.4
Bestpractical Request Tracker 3.8.3
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker 4.0.4
Bestpractical Request Tracker 4.0.3
6.4
CVSSv2
CVE-2012-6579
Best Practical Solutions RT 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8, when GnuPG is enabled, allows remote malicious users to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service (loss of e-mail readability), via an e-mail mess...
Bestpractical Request Tracker 3.8.7
Bestpractical Request Tracker 3.8.14
Bestpractical Request Tracker 3.8.9
Bestpractical Request Tracker 3.8.10
Bestpractical Request Tracker 3.8.13
Bestpractical Request Tracker 3.8.11
Bestpractical Request Tracker 3.8.12
Bestpractical Request Tracker 3.8.4
Bestpractical Request Tracker 3.8.3
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker 4.0.4
Bestpractical Request Tracker 4.0.3
4.3
CVSSv2
CVE-2012-6581
Best Practical Solutions RT 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8, when GnuPG is enabled, allows remote malicious users to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secre...
Bestpractical Request Tracker 3.8.7
Bestpractical Request Tracker 3.8.14
Bestpractical Request Tracker 3.8.9
Bestpractical Request Tracker 3.8.10
Bestpractical Request Tracker 3.8.13
Bestpractical Request Tracker 3.8.11
Bestpractical Request Tracker 3.8.12
Bestpractical Request Tracker 3.8.4
Bestpractical Request Tracker 3.8.3
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker 4.0.4
Bestpractical Request Tracker 4.0.3
4.3
CVSSv2
CVE-2012-6580
Best Practical Solutions RT 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote malicious users to spoof details of a message's origin or interfer...
Bestpractical Request Tracker 3.8.7
Bestpractical Request Tracker 3.8.14
Bestpractical Request Tracker 3.8.9
Bestpractical Request Tracker 3.8.10
Bestpractical Request Tracker 3.8.13
Bestpractical Request Tracker 3.8.11
Bestpractical Request Tracker 3.8.12
Bestpractical Request Tracker 3.8.4
Bestpractical Request Tracker 3.8.3
Bestpractical Request Tracker 4.0.0
Bestpractical Request Tracker 4.0.6
Bestpractical Request Tracker 4.0.7
Bestpractical Request Tracker 4.0.5
Bestpractical Request Tracker 4.0.1
Bestpractical Request Tracker 4.0.2
Bestpractical Request Tracker 4.0.4
Bestpractical Request Tracker 4.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2