Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otrs otrs 6.0.1 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 up to and including 5.0.24 and 6.0.0 up to and including 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall ...
Otrs Otrs 6.0.0
Otrs Otrs 6.0.1
Otrs Otrs
9
CVSSv2
CVE-2017-16921
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of ...
Otrs Otrs 5.0.7
Otrs Otrs 4.0.15
Otrs Otrs 5.0.16
Otrs Otrs 4.0.18
Otrs Otrs 5.0.10
Otrs Otrs 4.0.7
Otrs Otrs 4.0.3
Otrs Otrs 4.0.8
Otrs Otrs 4.0.9
Otrs Otrs 5.0.14
Otrs Otrs 4.0.22
Otrs Otrs 4.0.10
Otrs Otrs 5.0.15
Otrs Otrs 5.0.0
Otrs Otrs 4.0.6
Otrs Otrs 4.0.12
Otrs Otrs 4.0.16
Otrs Otrs 5.0.18
Otrs Otrs 4.0.23
Otrs Otrs 5.0.8
Otrs Otrs 4.0.20
Otrs Otrs 4.0.4
1 EDB exploit
5
CVSSv2
CVE-2021-36095
Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG ((OTRS)) Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions.
Otrs Otrs
5
CVSSv2
CVE-2021-36093
It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8....
Otrs Otrs
4.3
CVSSv2
CVE-2021-36092
It's possible to create an email which contains specially crafted link and it can be used to perform XSS attack. This issue affects: OTRS AG ((OTRS)) Community Edition:6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x version 7.0.27 and prior versions; 8.0.x versio...
Otrs Otrs
4.3
CVSSv2
CVE-2021-21441
There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user intracti...
Otrs Otrs
4.3
CVSSv2
CVE-2021-21439
DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and...
Otrs Otrs
4
CVSSv2
CVE-2021-36096
Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior v...
Otrs Otrs
4
CVSSv2
CVE-2021-21443
Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions before 7.0.27.
Otrs Otrs
4
CVSSv2
CVE-2021-36091
Agents are able to list appointments in the calendars without required permissions. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions before 7.0.27.
Otrs Otrs
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »