Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs otrs vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2008-1515
The SOAP interface in OTRS 2.1.x prior to 2.1.8 and 2.2.x prior to 2.2.6 allows remote malicious users to "read and modify objects" via SOAP requests, related to "Missing security checks."
Otrs Otrs
534
VMScore
CVE-2014-9324
The GenericInterface in OTRS Help Desk 3.2.x prior to 3.2.17, 3.3.x prior to 3.3.11, and 4.0.x prior to 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vectors.
Otrs Otrs Help Desk 3.2.5
Otrs Otrs Help Desk 3.2.6
Otrs Otrs Help Desk 3.2.13
Otrs Otrs Help Desk 3.2.14
Otrs Otrs Help Desk 3.3.5
Otrs Otrs Help Desk 3.3.6
Otrs Otrs Help Desk 4.0.2
Otrs Otrs Help Desk 3.2.3
Otrs Otrs Help Desk 3.2.4
Otrs Otrs Help Desk 3.2.11
Otrs Otrs Help Desk 3.2.12
Otrs Otrs Help Desk 3.3.3
Otrs Otrs Help Desk 3.3.4
Otrs Otrs Help Desk 4.0.0
Otrs Otrs Help Desk 4.0.1
Otrs Otrs Help Desk 3.2.1
Otrs Otrs Help Desk 3.2.2
Otrs Otrs Help Desk 3.2.9
Otrs Otrs Help Desk 3.2.10
Otrs Otrs Help Desk 3.3.1
Otrs Otrs Help Desk 3.3.2
Otrs Otrs Help Desk 3.3.9
534
VMScore
CVE-2008-7283
Open Ticket Request System (OTRS) prior to 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions.
Otrs Otrs 2.1.6
Otrs Otrs 2.1.5
Otrs Otrs 1.3.2
Otrs Otrs 2.0.0
Otrs Otrs 1.0
Otrs Otrs 1.1
Otrs Otrs 0.5
Otrs Otrs 1.2.4
Otrs Otrs 1.1.3
Otrs Otrs 1.0.1
Otrs Otrs 1.0.2
Otrs Otrs 2.2.0
Otrs Otrs 2.2.1
Otrs Otrs 2.1.0
Otrs Otrs 2.1.9
Otrs Otrs 2.1.2
Otrs Otrs 2.0.4
Otrs Otrs 1.0.0
Otrs Otrs 1.3.1
Otrs Otrs 2.0.5
Otrs Otrs 1.2.0
Otrs Otrs 1.2.1
534
VMScore
CVE-2010-4768
Open Ticket Request System (OTRS) prior to 2.3.5 does not properly disable hidden permissions, which allows remote authenticated users to bypass intended queue access restrictions in opportunistic circumstances by visiting a ticket, related to a certain ordering of permission-set...
Otrs Otrs 2.1.9
Otrs Otrs 2.1.1
Otrs Otrs 2.1.3
Otrs Otrs 2.1.5
Otrs Otrs 2.3.0
Otrs Otrs 1.3.2
Otrs Otrs 2.2.3
Otrs Otrs 2.2.0
Otrs Otrs 0.5
Otrs Otrs 2.0.5
Otrs Otrs 2.1.7
Otrs Otrs 2.0.0
Otrs Otrs 1.1.3
Otrs Otrs 1.2.0
Otrs Otrs 1.2.1
Otrs Otrs 1.3.0
Otrs Otrs 1.1.4
Otrs Otrs 2.1.0
Otrs Otrs 2.3.2
Otrs Otrs 2.3.3
Otrs Otrs 2.0.4
Otrs Otrs 1.1.1
516
VMScore
CVE-2018-16587
In Open Ticket Request System (OTRS) 4.0.x prior to 4.0.32, 5.0.x prior to 5.0.30, and 6.0.x prior to 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server use...
Otrs Open Ticket Request System
Debian Debian Linux 8.0
Debian Debian Linux 9.0
516
VMScore
CVE-2005-3895
Open Ticket Request System (OTRS) 1.0.0 up to and including 1.3.2 and 2.0.0 up to and including 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which all...
Otrs Otrs 1.3.2
Otrs Otrs 2.0.0
Otrs Otrs 2.0.1
Otrs Otrs 2.0.2
Otrs Otrs 1.0.0
Otrs Otrs 2.0.3
505
VMScore
CVE-2007-6341
Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote malicious users to cause a denial of service (program "croak") via a crafted DNS response.
Net Dns Net Dns 0.60
1 EDB exploit
490
VMScore
CVE-2020-1773
An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS...
Otrs Otrs
490
VMScore
CVE-2020-1768
The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity so the SessionMaxIdleTime will not be reached. This issue affects: OTRS 7.0.x version 7.0.14 and prior versions.
Otrs Otrs
490
VMScore
CVE-2018-20800
An issue exists in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13. Users updating to 6.0.13 (also patchlevel updates) or 5.0.31 (only major updates) will experience data loss in their agent preferences table.
Otrs Otrs 5.0.31
Otrs Otrs 6.0.13
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »