CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2019-11537 – osTicket 1.11 - Cross-Site Scripting / Local File Inclusion
https://notcve.org/view.php?id=CVE-2019-11537
25 Apr 2019 — In osTicket before 1.12, XSS exists via /upload/file.php, /upload/scp/users.php?do=import-users, and /upload/scp/ajax.php/users/import if an agent manager user uploads a crafted .csv file to the User Importer, because file contents can appear in an error message. The XSS can lead to local file inclusion. En osTicket versiones anteriores a 1.12, tiene una vulnerabilidad de Cross-Site Scripting (XSS) a través de /upload/file.php, /upload/scp/users.php?do=import-users, y /upload/scp/ajax.php/users/import si un... • https://www.exploit-db.com/exploits/46753 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7193
https://notcve.org/view.php?id=CVE-2018-7193
27 Mar 2018 — Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "order" parameter. Vulnerabilidad de Cross-Site Scripting (XSS) en /scp/directory.php en Enhancesoft osTicket, en versiones anteriores a la 1.10.2, permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante el parámetro "order". • https://blog.securityevaluators.com/vulnerabilities-found-in-popular-ticketing-system-dd273bda229c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7196
https://notcve.org/view.php?id=CVE-2018-7196
27 Mar 2018 — Cross-site scripting (XSS) vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter. Vulnerabilidad de Cross-Site Scripting (XSS) en /scp/index.php en Enhancesoft osTicket, en versiones anteriores a la 1.10.2, permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante el parámetro "sort". • https://blog.securityevaluators.com/vulnerabilities-found-in-popular-ticketing-system-dd273bda229c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7194
https://notcve.org/view.php?id=CVE-2018-7194
27 Mar 2018 — Integer format vulnerability in the ticket number generator in Enhancesoft osTicket before 1.10.2 allows remote attackers to cause a denial-of-service (preventing the creation of new tickets) via a large number of digits in the ticket number format setting. Vulnerabilidad de formato de enteros en el generador de números de ticket en versiones anteriores a la 1.10.2 de Enhancesoft osTicket permite que atacantes remotos provoquen una denegación de servicio (evitando la creación de nuevos tickets) mediante un ... • https://blog.securityevaluators.com/vulnerabilities-found-in-popular-ticketing-system-dd273bda229c • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7195
https://notcve.org/view.php?id=CVE-2018-7195
27 Mar 2018 — Enhancesoft osTicket before 1.10.2 allows remote attackers to reset arbitrary passwords (when an associated e-mail address is known) by leveraging guest access and guessing a 6-digit number. Enhancesoft osTicket en versiones anteriores a la 1.10.2 permite que atacantes remotos restablezcan contraseñas arbitrarias (cuando se conoce una dirección de correo electrónico asociada), aprovechando el acceso de invitado y adivinando un número de 6 dígitos. • https://blog.securityevaluators.com/vulnerabilities-found-in-popular-ticketing-system-dd273bda229c •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-7192
https://notcve.org/view.php?id=CVE-2018-7192
27 Mar 2018 — Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "message" parameter. Vulnerabilidad de Cross-Site Scripting (XSS) en /ajax.php/form/help-topic en Enhancesoft osTicket, en versiones anteriores a la 1.10.2, permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante el parámetro "message". • https://blog.securityevaluators.com/vulnerabilities-found-in-popular-ticketing-system-dd273bda229c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 15%CPEs: 1EXPL: 4CVE-2017-15580 – osTicket 1.10.1 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2017-15580
23 Oct 2017 — osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a .exe extension. An attacker can leverage this vulnerability to upload arbitrary files on the web application having malicious content. osTicket 1.10.1 proporciona una funcionalidad para subir archivos html con formatos asociados. Si... • https://www.exploit-db.com/exploits/45169 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15362
https://notcve.org/view.php?id=CVE-2017-15362
16 Oct 2017 — osTicket 1.10.1 allows arbitrary client-side JavaScript code execution on victims who click a crafted support/scp/tickets.php?status= link, aka XSS. Session ID and data theft may follow as well as the possibility of bypassing CSRF protections, injection of iframes to establish communication channels, etc. The vulnerability is present after login into the application. This affects a different tickets.php file than CVE-2015-1176. osTicket 1.10.1 permite la ejecución de código JavaScript arbitrario en el lado ... • https://becomepentester.blogspot.ae/2017/10/osTicket-XSS-CVE-2017-15362.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •