CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

12 Sep 2017 — In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php. • https://www.exploit-db.com/exploits/42660 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 0

23 Jan 2015 — Cross-site scripting (XSS) vulnerability in client.inc.php in osTicket before 1.9.5.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. • https://github.com/osTicket/osTicket-1.8/commit/b38b3ca7235002137cc9ff74b3c24a4a78c9c2d1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 | EPSS: 1% | CPEs: 1 | EXPL: 2

22 Jan 2015 — Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action. osTicket version 1.9.4 suffers from a cross-site scripting vulnerability. • http://packetstormsecurity.com/files/130057/osTicket-1.9.4-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 | EPSS: 0% | CPEs: 25 | EXPL: 2

09 Jul 2014 — Multiple cross-site scripting (XSS) vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone Number field to open.php or (2) Phone number field, (3) passwd1 field, (4) passwd2 field, or (5) do parameter to account.php. • http://secunia.com/advisories/59539 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.5 | EPSS: 1% | CPEs: 1 | EXPL: 3

30 Dec 2010 — Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.php, a different vector than CVE-2005-1439. NOTE: this issue has been disputed by a reliable third party. • http://packetstormsecurity.org/1011-exploits/osticket-lfi.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 8.8 | EPSS: 0% | CPEs: 8 | EXPL: 4

11 Feb 2010 — SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter. • https://www.exploit-db.com/exploits/11380 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 5.4 | EPSS: 0% | CPEs: 8 | EXPL: 1

11 Feb 2010 — Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inject arbitrary web script or HTML via the f parameter, possibly related to an error message generated by scp/admin.php. • http://osticket.com/forums/project.php?issueid=176 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 9.8 | EPSS: 7% | CPEs: 4 | EXPL: 3

08 Jul 2009 — SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter. • https://www.exploit-db.com/exploits/9032 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 6.8 | EPSS: 24% | CPEs: 2 | EXPL: 2

03 May 2005 — Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the err parameter to open_submit.php, or (6) the name and subject fields when adding a ticket. • http://secunia.com/advisories/15216

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 2

03 May 2005 — Multiple SQL injection vulnerabilities in osTicket allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to admin.php or (2) cat parameter to view.php. • http://secunia.com/advisories/15216