osTicket: Security Vulnerabilities, CVEs, CVSS score >= 9
SSRF exists in osTicket before 1.14.3, where an attacker can add a malicious file to the server or perform port scanning.
Max CVSS: 9.8 | EPSS Score: 73.57% | Published: 2020-11-02 | Updated: 2021-01-30
osTicket 1.10.1 provides functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, for example when a tickets.php request is modified so that the .html extension is changed to a .exe extension. An attacker can leverage this vulnerability to upload arbitrary files with malicious content to the web application.
Max CVSS: 9.8 | EPSS Score: 4.00% | Published: 2017-10-23 | Updated: 2019-03-26
In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php.
Max CVSS: 9.8 | EPSS Score: 0.21% | Published: 2017-09-12 | Updated: 2017-09-21
3 vulnerabilities found