Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osticket osticket vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-15362
osTicket 1.10.1 allows arbitrary client-side JavaScript code execution on victims who click a crafted support/scp/tickets.php?status= link, aka XSS. Session ID and data theft may follow as well as the possibility of bypassing CSRF protections, injection of iframes to establish co...
Osticket Osticket 1.10.1
7.5
CVSSv2
CVE-2005-1437
Multiple SQL injection vulnerabilities in osTicket allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to admin.php or (2) cat parameter to view.php.
Osticket Osticket 1.x
7.5
CVSSv2
CVE-2004-0613
osTicket allows remote malicious users to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.
Osticket Osticket Sts 1.2
1 EDB exploit
NA
CVE-2023-1315
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
NA
CVE-2023-1317
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
NA
CVE-2023-1318
Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
NA
CVE-2022-4271
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket before 1.16.4.
Enhancesoft Osticket
NA
CVE-2022-31888
Session Fixation vulnerability in in function login in class.auth.php in osTicket up to and including 1.16.2.
Enhancesoft Osticket
NA
CVE-2023-1316
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
NA
CVE-2023-1319
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »