PHP remote file inclusion vulnerability in main.php in osTicket allows remote malicious users to execute arbitrary PHP code via the include_dir parameter.
osticket osticket 1