Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

aishwarya iyer vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2019-147481
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, ...
NA
CVE-2019-147482
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, ...
NA
CVE-2019-147491
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes ...
5.4
CVSSv3
CVE-2019-14748
An issue exists in osTicket prior to 1.10.7 and 1.12.x prior to 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, the output is...
Osticket Osticket
NA
CVE-2019-147501
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in thos...
8.8
CVSSv3
CVE-2019-14749
An issue exists in osTicket prior to 1.10.7 and 1.12.x prior to 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the...
Osticket Osticket
NA
CVE-2019-147492
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes ...
6.1
CVSSv3
CVE-2019-14750
An issue exists in osTicket prior to 1.10.7 and 1.12.x prior to 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields lead...
Osticket Osticket
NA
CVE-2019-147502
An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in thos...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook