Lucene search
+L

463 matches found

Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.21 views

PT-2026-45264

An improper neutralization of active SVG content in OTRS or OTRS Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to browser-side resource exhaustion and denial of service when affected tickets are opened by an agent o...

6.5CVSS5.9AI score0.00333EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X. These vulnerabilities stem from improper input validation in the client backend module, which may allow access to...

5.7CVSS5.3AI score0.00198EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in OTRS versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X, as well as in the Community Edition 6.0.x version. These vulnerabilities stem from improper input validation ...

9.1CVSS5.6AI score0.00362EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/29 6:49 a.m.17 views

CVE-2026-41076

A flaw was found in RT, an open-source issue and ticket tracking system. This vulnerability allows a remote attacker to bypass authentication in RT installations configured to use LDAP/AD Lightweight Directory Access Protocol/Active Directory for user authentication. Under specific LDAP server...

8.1CVSS5.8AI score0.00392EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/22 9:12 p.m.15 views

EUVD-2026-31506

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery CSRF vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References2
NVD
NVD
added 2026/05/20 8:16 p.m.12 views

CVE-2026-35007

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in singleunit.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id GET parameter directly into an HTML attribute. Attackers can craft a maliciou...

5.1CVSS0.00221EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/21 12:21 p.m.9 views

SUSE CVE-2026-6060

A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS: 7.0.X 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.3.X...

4.5CVSS5.7AI score0.00191EPSS
Exploits0References3
NVD
NVD
added 2026/04/20 7:16 p.m.9 views

CVE-2026-6060

A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS: 7.0.X 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.3.X...

4.5CVSS0.00191EPSS
Exploits0References1
OSV
OSV
added 2026/04/20 7:16 p.m.7 views

UBUNTU-CVE-2026-6060

A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS: 7.0.X 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.3.X...

4.5CVSS5.8AI score0.00191EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/20 6:20 p.m.39 views

CVE-2026-6060 Possible DoS via SQL Box

A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS: 7.0.X 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.3.X...

4.5CVSS0.00191EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.10 views

PT-2026-33824

A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against the webserver. will be killed by the systemThis issue affects OTRS: 7.0.X 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.3.X...

4.5CVSS5.7AI score0.00191EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.4 views

CVE-2026-5555

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/05 12:30 p.m.5 views

EUVD-2026-19056

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/processsearch.php of the component Parameter Handler. Performing a manipulation of the argument...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/05 12:30 p.m.4 views

EUVD-2026-19058

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/05 9:15 a.m.34 views

CVE-2026-5555 code-projects Concert Ticket Reservation System Parameter login.php sql injection

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS0.00259EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/05 9:0 a.m.2 views

CVE-2026-5554 code-projects Concert Ticket Reservation System Parameter process_search.php sql injection

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/processsearch.php of the component Parameter Handler. Performing a manipulation of the argument...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 9:0 a.m.2 views

CVE-2026-5554

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/processsearch.php of the component Parameter Handler. Performing a manipulation of the argument...

7.5CVSS5.7AI score0.00259EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/04/05 9:0 a.m.34 views

CVE-2026-5554 code-projects Concert Ticket Reservation System Parameter process_search.php sql injection

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/processsearch.php of the component Parameter Handler. Performing a manipulation of the argument...

7.5CVSS0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.9 views

PT-2026-30425

A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parameter Handler. Executing a manipulation of the argument Email can lead to sql injection. The attack...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.5 views

PT-2026-30424

A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/process search.php of the component Parameter Handler. Performing a manipulation of the argument...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References6
Rows per page
Query Builder