
11 matches found

NVD
added 2025/12/16 5:16 a.m. | 13 views

CVE-2025-14777

A flaw was found in Keycloak. An IDOR Broken Access Control vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer client ID provided in the A...

CVSS: 6 | EPSS: 0.00315
Exploits: 0 | References: 4

ATTACKERKB
added 2025/12/16 5:2 a.m. | 7 views

CVE-2025-14777

A flaw was found in Keycloak. An IDOR Broken Access Control vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer client ID provided in the A...

CVSS: 6 | AI score: 5.8 | EPSS: 0.00315
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2011-5152

Malware in sbrugna...

CVSS: 4.3 | AI score: 6.4 | EPSS: 0.01119
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2010-0988

Malware in sbrugna...

CVSS: 4.3 | AI score: 6.4 | EPSS: 0.01074
Exploits: 0 | References: 6

Positive Technologies
added 2025/08/28 12:0 a.m. | 4 views

PT-2025-35065

Name of the Vulnerable Software and Affected Versions: WP Ticket Customer Service Software & Support Ticket System versions through 6.0.2 Description: Deserialization of untrusted data in the software allows for object injection. Recommendations: Update WP Ticket Customer Service Software & Suppo...

CVSS: 8.1 | AI score: 6.5 | EPSS: 0.00303
Exploits: 0 | References: 4

NVD
added 2013/01/12 4:33 a.m. | 10 views

CVE-2011-5253

Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by supplying an authorization header...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.01119
Exploits: 0 | References: 4

OSV
added 2011/03/18 4:55 p.m. | 3 views

DEBIAN-CVE-2010-4763

The ACL-customer-status Ticket Type setting in Open Ticket Request System (OTRS) before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users to bypass intended ACL restrictions on the (1) Status, (2) Service, and (3) Queue via selections...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.0157
Exploits: 1 | References: 1

NVD
added 2010/03/16 7:0 p.m. | 21 views

CVE-2010-0963

Cross-site scripting (XSS) vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. NOTE: some of these details are obtained from third party information...

CVSS: 4.3 | AI score: 5.7 | EPSS: 0.01074
Exploits: 0 | References: 5

Prion
added 2010/03/16 7:0 p.m. | 12 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. NOTE: some of these details are obtained from third party information...

CVSS: 4.3 | AI score: 6.2 | EPSS: 0.01074
Exploits: 0 | References: 5 | Affected Software: 1

CVE
added 2010/03/16 6:26 p.m. | 40 views

CVE-2010-0963

The CVE-2010-0963 entry documents a Cross-site Scripting (XSS) vulnerability in the index.php of the dl Download Ticket Service prior to version 0.7, where an attacker can inject arbitrary web script or HTML via the t parameter (linked to an invalid ticket ID). Affected: dl Download Ticket Service

CVSS: 4.3 | AI score: 5.9 | EPSS: 0.01074
Exploits: 0 | References: 5 | Affected Software: 1

Cvelist
added 2010/03/16 6:26 p.m. | 22 views

CVE-2010-0963

Cross-site scripting (XSS) vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. NOTE: some of these details are obtained from third party information...

AI score: 5.7 | EPSS: 0.01074
Exploits: 0 | References: 5