Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osticket osticket vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2004-0614
osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote malicious users to upload a file of any size.
Osticket Osticket Sts
668
VMScore
CVE-2005-1437
Multiple SQL injection vulnerabilities in osTicket allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to admin.php or (2) cat parameter to view.php.
Osticket Osticket 1.x
755
VMScore
CVE-2004-0613
osTicket allows remote malicious users to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.
Osticket Osticket Sts 1.2
1 EDB exploit
668
VMScore
CVE-2021-42235
SQL injection in osTicket prior to 1.14.8 and 1.15.4 login and password reset process allows malicious users to access the osTicket administration profile functionality.
Enhancesoft Osticket
383
VMScore
CVE-2020-22608
Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php.
Enhancesoft Osticket
383
VMScore
CVE-2020-22609
Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php.
Enhancesoft Osticket
1 Github repository
NA
CVE-2021-45811
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated malicious users to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
Enhancesoft Osticket
NA
CVE-2023-1318
Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
NA
CVE-2023-1319
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
NA
CVE-2023-1320
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »