Lucene search
+L

463 matches found

Positive Technologies
Positive Technologies
added 2023/01/25 12:0 a.m.5 views

PT-2023-9271 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.12 GLPI versions prior to 10.0.6 Description: The issue is related to improper privilege management, allowing any user with access to the standard interface to export data of almost any GLPI item type, including...

10CVSS6.5AI score0.99628EPSS
Exploits40References202
CNNVD
CNNVD
added 2022/12/01 12:0 a.m.5 views

Movie Ticket Booking System 安全漏洞

Movie Ticket Booking System is a movie ticket booking system by Aman sharma individual developer. Movie Ticket Booking System has a security vulnerability that stems from a problem with unknown code in the file booking.php, where manipulation of the parameter id can lead to sql injection...

9.8CVSS8.2AI score0.00496EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/17 12:0 a.m.6 views

OTRS 安全漏洞

OTRS is an application from OTRS Germany. A service management software. A security vulnerability exists in OTRS version 8.0.x, version 7.0.x. An attacker exploits the vulnerability to send specially crafted emails with numerous recipients and trigger a denial of service attack...

7.5CVSS5.3AI score0.00562EPSS
Exploits0References3
CNVD
CNVD
added 2022/09/28 12:0 a.m.25 views

WordPress YDS Support Ticket System Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

8.8CVSS8.7AI score0.00306EPSS
Exploits0References1
NVD
NVD
added 2022/09/23 3:15 p.m.21 views

CVE-2022-36388

Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...

8.8CVSS0.00306EPSS
Exploits0References2
OSV
OSV
added 2022/09/23 3:15 p.m.3 views

CVE-2022-36388

Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...

8.8CVSS5.8AI score0.00306EPSS
Exploits0References2
Prion
Prion
added 2022/09/23 3:15 p.m.22 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...

6.8CVSS8.7AI score0.00306EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/23 2:31 p.m.64 views

CVE-2022-36388

CVE-2022-36388 : A CSRF vulnerability exists in the WordPress plugin “YDS Support Ticket System” up to version 1.0. The root cause is insufficient CSRF validation in the plugin, allowing an attacker to trick an authenticated user into performing unwanted actions. Reported CVSS v3.1 base metrics i...

8.8CVSS7.1AI score0.00306EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/23 2:31 p.m.3 views

CVE-2022-36388 WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...

5.4CVSS8AI score0.00306EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/23 12:0 a.m.6 views

PT-2022-23347 · Unknown · Yds Support Ticket System

Name of the Vulnerable Software and Affected Versions: YDS Support Ticket System plugin versions = 1.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on the web...

8.8CVSS8.6AI score0.00306EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/23 12:0 a.m.6 views

WordPress plugin YDS Support Ticket System 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

8.8CVSS6.7AI score0.00306EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2022/09/12 12:0 a.m.24 views

YDS Support Ticket System <= 1.0 - Cross-Site Request Forgery

The plugin does not have CSRF check in some places, which could allow attackers to make logged in users perform unwanted actions...

8.8CVSS4.5AI score0.00306EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/12 12:0 a.m.35 views

WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress YDS Support Ticket System plugin versions = 1.0. Solution No patched version is available. No reply from the vendor...

8.8CVSS3.5AI score0.00306EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.10 views

The vulnerability of the OTRS ticket request system, related to the lack of measures taken to protect the website structure, allows a hacker to carry out XSS attacks.

The vulnerability of the OTRS ticket request system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

5.5CVSS5.4AI score0.00469EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.10 views

The vulnerability of the OTRS ticket request administration interface, related to the lack of protective measures for the website structure, allows a hacker to carry out XSS attacks.

The vulnerability of the OTRS ticket request administration interface is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

5.5CVSS5.4AI score0.00531EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/09/05 7:15 a.m.5 views

CVE-2022-39049

An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS...

4.8CVSS5.9AI score0.00531EPSS
Exploits0References1
OSV
OSV
added 2022/09/05 7:15 a.m.3 views

UBUNTU-CVE-2022-39049

An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS...

4.8CVSS5.9AI score0.00531EPSS
Exploits0References3
CNVD
CNVD
added 2022/06/15 12:0 a.m.21 views

HelpDeskZ cross-site scripting vulnerability (CNVD-2022-59046)

HelpDeskZ is a PHP-based software that allows you to manage your site's support using a web-based support ticket system. Provides quality support. A cross-site scripting vulnerability exists in HelpDeskZ version v2.0.2, which stems from a lack of parameter filtering and escaping in...

4.8CVSS5AI score0.00534EPSS
Exploits1References1
OSV
OSV
added 2022/06/02 2:15 p.m.5 views

CVE-2022-30817

Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php...

9.8CVSS7.4AI score0.01081EPSS
Exploits1References1
NVD
NVD
added 2022/06/02 2:15 p.m.20 views

CVE-2022-30817

Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php...

9.8CVSS0.01081EPSS
Exploits1References1
Rows per page
Query Builder