cbcvebase.

Osticket Sts vulnerabilities

4 known vulnerabilities affecting osticket/osticket_sts.

Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2004-0613P3HIGHCVSS 7.5PoCv1.22004-12-06
CVE-2004-0613 [HIGH] CVE-2004-0613: osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary cod osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.
nvd
CVE-2005-2154P3HIGHCVSS 7.5PoCv1.2v1.2.7+1 more2005-07-06
CVE-2005-2154 [HIGH] CVE-2005-2154: PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and e PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter.
nvd
CVE-2006-6733P4MEDIUMCVSS 4.3PoCv1.2.7v1.3_beta2006-12-26
CVE-2006-6733 [MEDIUM] CWE-79 CVE-2006-6733: Cross-site scripting (XSS) vulnerability in support/view.php in Support Cards 1 (osTicket) allows re Cross-site scripting (XSS) vulnerability in support/view.php in Support Cards 1 (osTicket) allows remote attackers to inject arbitrary web script or HTML via the e parameter.
nvd
CVE-2005-2153P3HIGHCVSS 7.5v1.2v1.2.7+1 more2005-07-06
CVE-2005-2153 [HIGH] CVE-2005-2153: SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote att SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable.
nvd