3 matches found
Debian Security Advisory DSA 973-1 (otrs)
The remote host is missing an update to otrs announced via advisory DSA 973-1. Several vulnerabilities have been discovered in otrs, the Open Ticket Request System, that can be exploited remotely. The Common vulnerabilities and Exposures Project identifies the following problems: CVE-2005-3893...
CVE-2005-3893
Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System OTRS 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 user parameter in the Login action, and remote authenticated users via the...
CVE-2005-3893
OTRS Open Ticket Request System (version 1.0.0–1.3.2 and 2.0.0–2.0.3) contains SQL injection vulnerabilities in index.pl, affecting the Login action (user parameter) and AgentTicketPlain action (TicketID/ArticleID). Exploitation can lead to remote SQL execution and possible authentication bypass;...