Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osticket osticket vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-15362
osTicket 1.10.1 allows arbitrary client-side JavaScript code execution on victims who click a crafted support/scp/tickets.php?status= link, aka XSS. Session ID and data theft may follow as well as the possibility of bypassing CSRF protections, injection of iframes to establish co...
Osticket Osticket 1.10.1
NA
CVE-2005-1437
Multiple SQL injection vulnerabilities in osTicket allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to admin.php or (2) cat parameter to view.php.
Osticket Osticket 1.x
NA
CVE-2004-0613
osTicket allows remote malicious users to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.
Osticket Osticket Sts 1.2
1 EDB exploit
5.4
CVSSv3
CVE-2023-1315
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
5.4
CVSSv3
CVE-2023-1317
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
5.4
CVSSv3
CVE-2023-1318
Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
5.4
CVSSv3
CVE-2022-4271
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket before 1.16.4.
Enhancesoft Osticket
8.8
CVSSv3
CVE-2022-31888
Session Fixation vulnerability in in function login in class.auth.php in osTicket up to and including 1.16.2.
Enhancesoft Osticket
5.4
CVSSv3
CVE-2023-1316
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
4.8
CVSSv3
CVE-2023-1319
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »