Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osticket osticket vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0614
osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote malicious users to upload a file of any size.
Osticket Osticket Sts
NA
CVE-2004-0613
osTicket allows remote malicious users to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.
Osticket Osticket Sts 1.2
1 EDB exploit
NA
CVE-2005-1437
Multiple SQL injection vulnerabilities in osTicket allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to admin.php or (2) cat parameter to view.php.
Osticket Osticket 1.x
6.5
CVSSv3
CVE-2021-45811
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated malicious users to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
Enhancesoft Osticket
8.8
CVSSv3
CVE-2022-31888
Session Fixation vulnerability in in function login in class.auth.php in osTicket up to and including 1.16.2.
Enhancesoft Osticket
5.4
CVSSv3
CVE-2023-1316
Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
5.4
CVSSv3
CVE-2023-1317
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
5.4
CVSSv3
CVE-2023-1318
Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
9.8
CVSSv3
CVE-2021-42235
SQL injection in osTicket prior to 1.14.8 and 1.15.4 login and password reset process allows malicious users to access the osTicket administration profile functionality.
Enhancesoft Osticket
5.4
CVSSv3
CVE-2023-1315
Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.
Enhancesoft Osticket
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »