Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3476
Open Ticket Request System (OTRS) 2.3.x prior to 2.3.6 and 2.4.x prior to 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote malicious users to cause a denial of service (CPU consumption) via a large message, ...
Otrs Otrs 2.3.5
Otrs Otrs 2.4.1
Otrs Otrs 2.3.2
Otrs Otrs 2.3.3
Otrs Otrs 2.3.4
Otrs Otrs 2.4.6
Otrs Otrs 2.4.7
Otrs Otrs 2.3.1
Otrs Otrs 2.4.4
Otrs Otrs 2.4.5
Otrs Otrs 2.4.2
Otrs Otrs 2.4.3
NA
CVE-2010-4071
Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x prior to 2.4.9, when RichText is enabled, allows remote malicious users to inject arbitrary web script or HTML via JavaScript in an HTML e-mail.
Otrs Otrs 2.4.6
Otrs Otrs 2.4.7
Otrs Otrs 2.4.5
Otrs Otrs 2.4.4
Otrs Otrs 2.4.3
Otrs Otrs 2.4.2
Otrs Otrs 2.4.1
Otrs Otrs 2.4.8
NA
CVE-2005-3894
Multiple cross-site scripting (XSS) vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 up to and including 1.3.2 and 2.0.0 up to and including 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) hex-encoded values in the Queue...
Otrs Otrs 1.0.0
Otrs Otrs 1.3.2
Otrs Otrs 2.0.0
Otrs Otrs 2.0.1
Otrs Otrs 2.0.2
Otrs Otrs 2.0.3
1 EDB exploit
NA
CVE-2005-3893
Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 up to and including 1.3.2 and 2.0.0 up to and including 2.0.3 allow remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) user parameter in the L...
Otrs Otrs 1.0.0
Otrs Otrs 1.3.2
Otrs Otrs 2.0.2
Otrs Otrs 2.0.3
Otrs Otrs 2.0.0
Otrs Otrs 2.0.1
2 EDB exploits
NA
CVE-2005-3895
Open Ticket Request System (OTRS) 1.0.0 up to and including 1.3.2 and 2.0.0 up to and including 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which all...
Otrs Otrs 1.3.2
Otrs Otrs 2.0.0
Otrs Otrs 2.0.1
Otrs Otrs 2.0.2
Otrs Otrs 1.0.0
Otrs Otrs 2.0.3
NA
CVE-2014-9324
The GenericInterface in OTRS Help Desk 3.2.x prior to 3.2.17, 3.3.x prior to 3.3.11, and 4.0.x prior to 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vectors.
Otrs Otrs Help Desk 3.2.5
Otrs Otrs Help Desk 3.2.6
Otrs Otrs Help Desk 3.2.13
Otrs Otrs Help Desk 3.2.14
Otrs Otrs Help Desk 3.3.5
Otrs Otrs Help Desk 3.3.6
Otrs Otrs Help Desk 4.0.2
Otrs Otrs Help Desk 3.2.3
Otrs Otrs Help Desk 3.2.4
Otrs Otrs Help Desk 3.2.11
Otrs Otrs Help Desk 3.2.12
Otrs Otrs Help Desk 3.3.3
Otrs Otrs Help Desk 3.3.4
Otrs Otrs Help Desk 4.0.0
Otrs Otrs Help Desk 4.0.1
Otrs Otrs Help Desk 3.2.1
Otrs Otrs Help Desk 3.2.2
Otrs Otrs Help Desk 3.2.9
Otrs Otrs Help Desk 3.2.10
Otrs Otrs Help Desk 3.3.1
Otrs Otrs Help Desk 3.3.2
Otrs Otrs Help Desk 3.3.9
8.8
CVSSv3
CVE-2021-36100
Specially crafted string in OTRS system configuration can allow the execution of any system command.
Otrs Otrs Itsm
Otrs Otrs Storm
Otrs Otrs
9.8
CVSSv3
CVE-2022-4427
Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservice This issue affects OTRS: from 7.0.1 prior to 7.0.40 Patch 1, from 8.0.1 prior to 8.0.28 Patch 1; ((OTRS)) Community Edition: from 6.0.1 up ...
Otrs Otrs 8.0.28
Otrs Otrs 7.0.40
Otrs Otrs
7.2
CVSSv3
CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 up to and including 5.0.24 and 6.0.0 up to and including 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall ...
Otrs Otrs 6.0.0
Otrs Otrs 6.0.1
Otrs Otrs
9.4
CVSSv3
CVE-2016-5843
Multiple SQL injection vulnerabilities in the FAQ package 2.x prior to 2.3.6, 4.x prior to 4.0.5, and 5.x prior to 5.0.5 in Open Ticket Request System (OTRS) allow remote malicious users to execute arbitrary SQL commands via crafted search parameters.
Otrs Faq 2.3.2
Otrs Faq 2.3.3
Otrs Faq 2.1.2
Otrs Faq 2.1.3
Otrs Faq 2.0.6
Otrs Faq 2.0.7
Otrs Faq 5.0.2
Otrs Faq 5.0.1
Otrs Faq 2.2.1
Otrs Faq 2.2.2
Otrs Faq 2.2.3
Otrs Faq 2.0.2
Otrs Faq 2.0.3
Otrs Faq 4.0.1
Otrs Faq 4.0.2
Otrs Faq 2.3.0
Otrs Faq 2.3.1
Otrs Faq 2.1.0
Otrs Faq 2.1.1
Otrs Faq 2.0.4
Otrs Faq 2.0.5
Otrs Faq 4.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »