Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bestpractical rt 3.8.7 vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2011-1685
Best Practical Solutions RT 3.8.0 up to and including 3.8.9 and 4.0.0rc up to and including 4.0.0rc7, when the CustomFieldValuesSources (aka external custom field) option is enabled, allows remote authenticated users to execute arbitrary code via unspecified vectors, as demonstra...
Bestpractical Rt 3.8.3
Bestpractical Rt 3.8.9
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.6
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.2
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.5
Bestpractical Rt 4.0.0
383
VMScore
CVE-2011-1690
Best Practical Solutions RT 3.6.0 up to and including 3.6.10 and 3.8.0 up to and including 3.8.8 allows remote malicious users to trick users into sending credentials to an arbitrary server via unspecified vectors.
Bestpractical Rt 3.6.9
Bestpractical Rt 3.6.1
Bestpractical Rt 3.6.7
Bestpractical Rt 3.6.6
Bestpractical Rt 3.6.10
Bestpractical Rt 3.6.5
Bestpractical Rt 3.6.4
Bestpractical Rt 3.6.8
Bestpractical Rt 3.6.0
Bestpractical Rt 3.6.3
Bestpractical Rt 3.6.2
Bestpractical Rt 3.8.5
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.6
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.3
Bestpractical Rt 3.8.2
312
VMScore
CVE-2012-4730
Request Tracker (RT) 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors.
Bestpractical Rt 3.8.5
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.12
Bestpractical Rt 3.8.10
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.11
Bestpractical Rt 3.8.6
Bestpractical Rt 4.0.8
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.3
Bestpractical Rt 3.8.3
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.13
Bestpractical Rt 3.8.2
Bestpractical Rt 3.8.9
Bestpractical Rt 4.0.4
Bestpractical Rt 4.0.5
Bestpractical Rt 4.0.1
Bestpractical Rt 4.0.2
445
VMScore
CVE-2012-4734
Request Tracker (RT) 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8 allows remote malicious users to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "modify arbitrary state" via unknown vectors related to...
Bestpractical Rt 3.8.9
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.2
Bestpractical Rt 3.8.6
Bestpractical Rt 3.8.10
Bestpractical Rt 4.0.4
Bestpractical Rt 4.0.5
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.1
Bestpractical Rt 3.8.14
Bestpractical Rt 3.8.11
Bestpractical Rt 4.0.3
Bestpractical Rt 3.8.3
Bestpractical Rt 3.8.13
Bestpractical Rt 4.0.6
Bestpractical Rt 4.0.2
Bestpractical Rt 3.8.5
445
VMScore
CVE-2012-4884
Argument injection vulnerability in Request Tracker (RT) 3.8.x prior to 3.8.15 and 4.0.x prior to 4.0.8 allows remote malicious users to create arbitrary files via unspecified vectors related to the GnuPG client.
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.2
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.14
Bestpractical Rt 3.8.6
Bestpractical Rt 3.8.9
Bestpractical Rt 3.8.5
Bestpractical Rt 3.8.3
Bestpractical Rt 3.8.11
Bestpractical Rt 3.8.12
Bestpractical Rt 3.8.10
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.13
Bestpractical Rt 4.0.2
Bestpractical Rt 4.0.4
Bestpractical Rt 4.0.8
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.3
Bestpractical Rt 4.0.1
294
VMScore
CVE-2013-3368
bin/rt in Request Tracker (RT) 3.8.x prior to 3.8.17 and 4.0.x prior to 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name.
Bestpractical Rt 4.0.12
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.1
Bestpractical Rt 4.0.2
Bestpractical Rt 4.0.5
Bestpractical Rt 4.0.6
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.8
Bestpractical Rt 4.0.11
Bestpractical Rt 4.0.10
Bestpractical Rt 4.0.9
Bestpractical Rt 4.0.3
Bestpractical Rt 4.0.4
Bestpractical Rt 3.8.16
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.11
Bestpractical Rt 3.8.12
Bestpractical Rt 3.8.2
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.6
Bestpractical Rt 3.8.8
534
VMScore
CVE-2013-3369
Request Tracker (RT) 3.8.x prior to 3.8.17 and 4.0.x prior to 4.0.13 allows remote authenticated users with the permissions to view the administration pages to execute arbitrary private components via unspecified vectors.
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.13
Bestpractical Rt 3.8.14
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.16
Bestpractical Rt 3.8.11
Bestpractical Rt 3.8.12
Bestpractical Rt 3.8.2
Bestpractical Rt 3.8.6
Bestpractical Rt 3.8.9
Bestpractical Rt 3.8.10
Bestpractical Rt 3.8.3
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.15
Bestpractical Rt 3.8.5
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.5
Bestpractical Rt 4.0.6
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.9
605
VMScore
CVE-2013-3370
Request Tracker (RT) 3.8.x prior to 3.8.17 and 4.0.x prior to 4.0.13 does not properly restrict access to private callback components, which allows remote malicious users to have an unspecified impact via a direct request.
Bestpractical Rt 4.0.9
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.3
Bestpractical Rt 4.0.8
Bestpractical Rt 4.0.12
Bestpractical Rt 4.0.11
Bestpractical Rt 4.0.1
Bestpractical Rt 4.0.2
Bestpractical Rt 4.0.5
Bestpractical Rt 4.0.6
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.10
Bestpractical Rt 4.0.4
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.10
Bestpractical Rt 3.8.13
Bestpractical Rt 3.8.14
Bestpractical Rt 3.8.3
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.8
383
VMScore
CVE-2013-3374
Unspecified vulnerability in Request Tracker (RT) 3.8.x prior to 3.8.17 and 4.0.x prior to 4.0.13, when using the Apache::Session::File session store, allows remote malicious users to obtain sensitive information (user preferences and caches) via unknown vectors, related to a &qu...
Bestpractical Rt 4.0.9
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.3
Bestpractical Rt 4.0.4
Bestpractical Rt 4.0.5
Bestpractical Rt 4.0.12
Bestpractical Rt 4.0.10
Bestpractical Rt 4.0.2
Bestpractical Rt 4.0.6
Bestpractical Rt 4.0.7
Bestpractical Rt 4.0.1
Bestpractical Rt 4.0.8
Bestpractical Rt 4.0.11
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.13
Bestpractical Rt 3.8.14
Bestpractical Rt 3.8.15
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.16
Bestpractical Rt 3.8.12
Bestpractical Rt 3.8.2
383
VMScore
CVE-2013-3371
Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 3.8.3 up to and including 3.8.16 and 4.0.x prior to 4.0.13 allows remote malicious users to inject arbitrary web script or HTML via the filename of an attachment.
Bestpractical Rt 3.8.0
Bestpractical Rt 3.8.1
Bestpractical Rt 3.8.11
Bestpractical Rt 3.8.15
Bestpractical Rt 3.8.2
Bestpractical Rt 3.8.4
Bestpractical Rt 3.8.5
Bestpractical Rt 3.8.6
Bestpractical Rt 3.8.8
Bestpractical Rt 3.8.9
Bestpractical Rt 3.8.13
Bestpractical Rt 3.8.10
Bestpractical Rt 3.8.3
Bestpractical Rt 3.8.14
Bestpractical Rt 3.8.7
Bestpractical Rt 3.8.16
Bestpractical Rt 3.8.12
Bestpractical Rt 4.0.10
Bestpractical Rt 4.0.0
Bestpractical Rt 4.0.1
Bestpractical Rt 4.0.2
Bestpractical Rt 4.0.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »