CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

310 matches found

RedhatCVE•added 2026/06/05 7:13 p.m.•9 views

CVE-2026-48188

An improper Input Validation vulnerability in OTRS or OTRS Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NOBACKSLASHESCAPES SQL mode...

9.1CVSS5.6AI score0.00362EPSS

Exploits1References1

EUVD•added 2026/03/23 9:30 p.m.•3 views

EUVD-2025-208946

A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...

5.8AI score0.00292EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 10:27 a.m.•9 views

CVE-2008-7277

Open Ticket Request System OTRS before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authenticated users to bypass intended access restrictions by merging two tickets...

6.5CVSS6.7AI score0.01508EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:27 a.m.•7 views

CVE-2008-7283

Open Ticket Request System OTRS before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to tickets by leveraging queue read permissions...

6CVSS6.5AI score0.00898EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:18 a.m.•7 views

CVE-2019-18179

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn'...

4.3CVSS6.6AI score0.01313EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:30 a.m.•8 views

CVE-2019-16375

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.11, and Community Edition 5.0.x through 5.0.37 and 6.0.x through 6.0.22. An attacker who is logged in as an agent or customer user with appropriate permissions can create a carefully crafted string containing malicious...

5.4CVSS6.8AI score0.01123EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:29 a.m.•7 views

CVE-2019-12497

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents e.g., Name and mail address can be disclosed in external notes...

5.3CVSS6.6AI score0.02008EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2018-9624

Malware in sbrugna...

6.1CVSS6.1AI score0.00443EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2010-4729

Malware in sbrugna...

5CVSS6.2AI score0.01466EPSS

Exploits0References3