Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2021-45811

Published: 08/09/2023 Updated: 18/09/2023
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated malicious users to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

enhancesoft osticket

References

CWE-89http://enhancesoft.comhttps://members.backbox.org/osticket-sql-injection/http://osticket.comhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of serviceCVE-2024-27371CVE-2024-20405CVE-2024-31627CVE-2024-31625race conditionCVE-2024-4358cross-site scriptingCVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook