Osticket Osticket Sts version 1.2 : Security vulnerabilities, CVEs

cpe:2.3:a:osticket:osticket_sts:1.2:*:*:*:*:*:*:*

Copy

CVE-2005-2154

PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter.

Max CVSS

7.5

EPSS Score

1.24%

Published

2005-07-06

Updated

2008-09-05

CVE-2005-2153

SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable.

Max CVSS

7.5

EPSS Score

0.19%

Published

2005-07-06

Updated

2008-09-05

CVE-2004-0613

osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.

Max CVSS

7.5

EPSS Score

11.71%

Published

2004-12-06

Updated

2017-07-11

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!