463 matches found
PT-2023-9271 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.12 GLPI versions prior to 10.0.6 Description: The issue is related to improper privilege management, allowing any user with access to the standard interface to export data of almost any GLPI item type, including...
Movie Ticket Booking System 安全漏洞
Movie Ticket Booking System is a movie ticket booking system by Aman sharma individual developer. Movie Ticket Booking System has a security vulnerability that stems from a problem with unknown code in the file booking.php, where manipulation of the parameter id can lead to sql injection...
OTRS 安全漏洞
OTRS is an application from OTRS Germany. A service management software. A security vulnerability exists in OTRS version 8.0.x, version 7.0.x. An attacker exploits the vulnerability to send specially crafted emails with numerous recipients and trigger a denial of service attack...
WordPress YDS Support Ticket System Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2022-36388
Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...
CVE-2022-36388
Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...
CVE-2022-36388
CVE-2022-36388 : A CSRF vulnerability exists in the WordPress plugin “YDS Support Ticket System” up to version 1.0. The root cause is insufficient CSRF validation in the plugin, allowing an attacker to trick an authenticated user into performing unwanted actions. Reported CVSS v3.1 base metrics i...
CVE-2022-36388 WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...
PT-2022-23347 · Unknown · Yds Support Ticket System
Name of the Vulnerable Software and Affected Versions: YDS Support Ticket System plugin versions = 1.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on the web...
WordPress plugin YDS Support Ticket System 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
YDS Support Ticket System <= 1.0 - Cross-Site Request Forgery
The plugin does not have CSRF check in some places, which could allow attackers to make logged in users perform unwanted actions...
WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress YDS Support Ticket System plugin versions = 1.0. Solution No patched version is available. No reply from the vendor...
The vulnerability of the OTRS ticket request system, related to the lack of measures taken to protect the website structure, allows a hacker to carry out XSS attacks.
The vulnerability of the OTRS ticket request system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...
The vulnerability of the OTRS ticket request administration interface, related to the lack of protective measures for the website structure, allows a hacker to carry out XSS attacks.
The vulnerability of the OTRS ticket request administration interface is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
CVE-2022-39049
An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS...
UBUNTU-CVE-2022-39049
An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS...
HelpDeskZ cross-site scripting vulnerability (CNVD-2022-59046)
HelpDeskZ is a PHP-based software that allows you to manage your site's support using a web-based support ticket system. Provides quality support. A cross-site scripting vulnerability exists in HelpDeskZ version v2.0.2, which stems from a lack of parameter filtering and escaping in...
CVE-2022-30817
Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php...
CVE-2022-30817
Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php...