25 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-52204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter CVE-2025-52204 Note tha...
EUVD-2025-208946
A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...
CVE-2025-52204
A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...
DEBIAN-CVE-2025-52204
A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...
CVE-2025-52204
A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...
CVE-2025-52204
Znuny ITSM 6.5.x is vulnerable to a Cross-Site Scripting (XSS) in the customer.pl endpoint via the OTRSCustomerInterface parameter. The issue, observed across Znuny versions (e.g., Znuny 6.5.x; confirmed in 6.5.9/6.5.17), is caused by unsanitized input that can inject arbitrary HTML/JavaScript in...
CVE-2025-52204
A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...
EUVD-2010-4727
Malware in sbrugna...
EUVD-2010-4726
Malware in sbrugna...
Easy!Appointments Security Vulnerability
Easy!Appointments is a web-based appointment and schedule management system. A security vulnerability exists in Easy!Appointments, which stems from an insecure authorization issue in the /customers/customerId interface. A low-privilege attacker can exploit this vulnerability to obtain, modify, or...
NVV Ticket Krauth ATM - (NaN) Devide by Zero Vulnerability
Document Title: =============== NVV Ticket Krauth ATM - NaN Devide by Zero Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1837 View Video: https://www.youtube.com/watch?v=iIT4gcboKjk Release Date: ============= 2016-04-25 Vulnerability Laboratory ID VL-ID...
ReadyDesk Cross Site Scripting
Exploit Title: ReadyDesk Cross Site Scripting Date: 19.04.2012 Author: Sony Software Link: http://www.readydesk.com/ Google Dorks: powered by readydesk Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC: http://st2tea.blogspot.com/2012/04/readydesk-cross-site-scripting.html...
CVE-2010-4762
Cross-site scripting XSS vulnerability in the rich-text-editor component in Open Ticket Request System OTRS before 3.0.0-beta2 allows remote authenticated users to inject arbitrary web script or HTML by using the "source code" feature in the customer interface...
CVE-2010-4761
The customer-interface ticket-print dialog in Open Ticket Request System OTRS before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the 1 responsible, 2 owner, 3 accounted time, 4 pending until...
DEBIAN-CVE-2011-1433
The 1 AgentInterface and 2 CustomerInterface components in Open Ticket Request System OTRS before 3.0.6 place cleartext credentials into the session data in the database, which makes it easier for context-dependent attackers to obtain sensitive information by reading the UserLogin and UserPW fiel...
CVE-2010-4761
The customer-interface ticket-print dialog in Open Ticket Request System OTRS before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the 1 responsible, 2 owner, 3 accounted time, 4 pending until...
Design/Logic Flaw
The customer-interface ticket-print dialog in Open Ticket Request System OTRS before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the 1 responsible, 2 owner, 3 accounted time, 4 pending until...
CVE-2010-4761
The customer-interface ticket-print dialog in Open Ticket Request System OTRS before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the 1 responsible, 2 owner, 3 accounted time, 4 pending until...
CVE-2010-4762
Cross-site scripting XSS vulnerability in the rich-text-editor component in Open Ticket Request System OTRS before 3.0.0-beta2 allows remote authenticated users to inject arbitrary web script or HTML by using the "source code" feature in the customer interface...
Cross site scripting
Cross-site scripting XSS vulnerability in the rich-text-editor component in Open Ticket Request System OTRS before 3.0.0-beta2 allows remote authenticated users to inject arbitrary web script or HTML by using the "source code" feature in the customer interface...