CVE-2025-14777

A flaw was found in Keycloak. An IDOR Broken Access Control vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer client ID provided in the A...

CVE-2025-14777

A flaw was found in Keycloak. An IDOR Broken Access Control vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer client ID provided in the A...

EUVD-2011-5152

Malware in sbrugna...

EUVD-2010-0988

Malware in sbrugna...

PT-2025-35065

Name of the Vulnerable Software and Affected Versions: WP Ticket Customer Service Software & Support Ticket System versions through 6.0.2 Description: Deserialization of untrusted data in the software allows for object injection. Recommendations: Update WP Ticket Customer Service Software & Suppo...

CVE-2011-5253

Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by supplying an authorization header...

DEBIAN-CVE-2010-4763

The ACL-customer-status Ticket Type setting in Open Ticket Request System OTRS before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users to bypass intended ACL restrictions on the 1 Status, 2 Service, and 3 Queue via selections...

CVE-2010-0963

Cross-site scripting XSS vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. NOTE: some of these details are obtained from third party information...

CVE-2010-0963

Cross-site scripting XSS vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. NOTE: some of these details are obtained from third party information...

CVE-2010-0963

The CVE-2010-0963 entry documents a Cross-site Scripting (XSS) vulnerability in the index.php of the dl Download Ticket Service prior to version 0.7, where an attacker can inject arbitrary web script or HTML via the t parameter (linked to an invalid ticket ID). Affected: dl Download Ticket Service