Page 4 of 44 results

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 1

27 Mar 2018 — Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "message" parameter. • https://blog.securityevaluators.com/vulnerabilities-found-in-popular-ticketing-system-dd273bda229c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 9.8 | EPSS: 15% | CPEs: 1 | EXPL: 4

23 Oct 2017 — osTicket 1.10.1 provides functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, for example a tickets.php request in which the .html extension is changed to .exe. An attacker can leverage this vulnerability to upload arbitrary files with malicious content to the web application. • https://www.exploit-db.com/exploits/45169 • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 0

16 Oct 2017 — osTicket 1.10.1 allows arbitrary client-side JavaScript code execution on victims who click a crafted support/scp/tickets.php?status= link, aka XSS. Session ID and data theft may follow, as well as the possibility of bypassing CSRF protections, injection of iframes to establish communication channels, etc. The vulnerability is present after logging in to the application. This affects a different tickets.php file than CVE-2015-1176. • https://becomepentester.blogspot.ae/2017/10/osTicket-XSS-CVE-2017-15362.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

12 Sep 2017 — In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php. • https://www.exploit-db.com/exploits/42660 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 0

23 Jan 2015 — Cross-site scripting (XSS) vulnerability in client.inc.php in osTicket before 1.9.5.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. • https://github.com/osTicket/osTicket-1.8/commit/b38b3ca7235002137cc9ff74b3c24a4a78c9c2d1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 | EPSS: 1% | CPEs: 1 | EXPL: 2

22 Jan 2015 — Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action. osTicket version 1.9.4 suffers from a cross-site scripting vulnerability. • http://packetstormsecurity.com/files/130057/osTicket-1.9.4-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 | EPSS: 0% | CPEs: 25 | EXPL: 2

09 Jul 2014 — Multiple cross-site scripting (XSS) vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone Number field to open.php, or the (2) Phone number field, (3) passwd1 field, (4) passwd2 field, or (5) do parameter to account.php. • http://secunia.com/advisories/59539 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.5 | EPSS: 1% | CPEs: 1 | EXPL: 3

30 Dec 2010 — Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.php, a different vector than CVE-2005-1439. NOTE: this issue has been disputed by a reliable third party. • http://packetstormsecurity.org/1011-exploits/osticket-lfi.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 8.8 | EPSS: 0% | CPEs: 8 | EXPL: 4

11 Feb 2010 — SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users with "Staff" permissions to execute arbitrary SQL commands via the input parameter. • https://www.exploit-db.com/exploits/11380 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 5.4 | EPSS: 0% | CPEs: 8 | EXPL: 1

11 Feb 2010 — Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inject arbitrary web script or HTML via the f parameter, possibly related to an error message generated by scp/admin.php. • http://osticket.com/forums/project.php?issueid=176 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')