osTicket allows remote malicious users to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
osticket osticket sts 1.2 |