Vulnerabilities
Vulnerable Software
Osticket:  Security Vulnerabilities
PHP remote file inclusion vulnerability in main.php in osTicket allows remote attackers to execute arbitrary PHP code via the include_dir parameter.
CVSS Score
7.5
EPSS Score
0.015
Published
2005-05-03
osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.
CVSS Score
7.5
EPSS Score
0.099
Published
2004-12-06
osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers to upload a file of any size.
CVSS Score
6.4
EPSS Score
0.012
Published
2004-12-06


Contact Us

Shodan ® - All rights reserved