2 matches found
CVE-2007-2800
CVE-2007-2800 affects eTicket up to version 1.5.5.1, where index.php accepts name[], email[], phone[], or subject[] parameters and reveals the server installation path in error messages. Exploitation involves constructing requests such as index.php?name[]=… and reading path leakage in the respons...
[Full-disclosure] eTicket version 1.5.5 Path Disclosure Vulnerability
netVigilance Security Advisory 30 eTicket version 1.5.5 Path Disclosure Vulnerability Description: eTicket is an electronic open source support ticket system based on osTicket, that can receive tickets via email pop3 or pipe and a web-based form, as well as manage them using a web interface...