Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-18180
Improper Check for filenames with overly long extensions in PostMaster (sending in email) or uploading files (e.g. attaching files to mails) of ((OTRS)) Community Edition and OTRS allows an remote malicious user to cause an endless loop. This issue affects: OTRS AG: ((OTRS)) Comm...
Otrs Otrs
6.4
CVSSv2
CVE-2013-2625
An Access Bypass issue exists in OTRS Help Desk prior to 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM prior to 3.2.3, 3.1.8, and 3.0.7, and FAQ prior to 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified
Otrs Faq
Otrs Otrs Help Desk
Otrs Otrs Itsm
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
4
CVSSv2
CVE-2019-13458
An issue exists in Open Ticket Request System (OTRS) 7.0.x up to and including 7.0.8, and Community Edition 5.0.x up to and including 5.0.36 and 6.0.x up to and including 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS n...
Otrs Otrs
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2019-12746
An issue exists in Open Ticket Request System (OTRS) Community Edition 5.0.x up to and including 5.0.36 and 6.0.x up to and including 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with thi...
Otrs Otrs
Debian Debian Linux 8.0
4.9
CVSSv2
CVE-2018-11563
An issue exists in Open Ticket Request System (OTRS) 6.0.x up to and including 6.0.7. A carefully constructed email could be used to inject and execute arbitrary stylesheet or JavaScript code in a logged in customer's browser in the context of the OTRS customer panel applica...
Otrs Otrs
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2019-12248
An issue exists in Open Ticket Request System (OTRS) 7.0.x up to and including 7.0.7, Community Edition 6.0.x up to and including 6.0.19, and Community Edition 5.0.x up to and including 5.0.36. An attacker could send a malicious email to an OTRS system. If a logged-in agent user ...
Otrs Otrs
Debian Debian Linux 8.0
5
CVSSv2
CVE-2019-12497
An issue exists in Open Ticket Request System (OTRS) 7.0.x up to and including 7.0.8, Community Edition 6.0.x up to and including 6.0.19, and Community Edition 5.0.x up to and including 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and m...
Otrs Otrs
Debian Debian Linux 8.0
4
CVSSv2
CVE-2019-9753
An issue exists in Open Ticket Request System (OTRS) 7.x prior to 7.0.5. An attacker who is logged into OTRS as an agent or a customer user can use the search result screens to disclose information from invalid system entities. Following is the list of affected entities: Custom P...
Otrs Otrs
4
CVSSv2
CVE-2019-9892
An issue exists in Open Ticket Request System (OTRS) 5.x up to and including 5.0.34, 6.x up to and including 6.0.17, and 7.x up to and including 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Sta...
Otrs Otrs
Debian Debian Linux 8.0
3.5
CVSSv2
CVE-2019-10066
An issue exists in Open Ticket Request System (OTRS) 7.x up to and including 7.0.6, Community Edition 6.0.x up to and including 6.0.17, and OTRSAppointmentCalendar 5.0.x up to and including 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may c...
Otrs Otrs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »