Lucene search
K

5 matches found

Circl
Circl
added 2024/02/28 5:7 p.m.4 views

CVE-2013-2625

creationtimestamp| type| source ---|---|--- 2024-02-28 17:07:35+00:00| seen| https://t.me/ctinow/195668...

6.5CVSS6.8AI score0.01291EPSS
Exploits0References1
NVD
NVD
added 2019/11/27 7:15 p.m.22 views

CVE-2013-2625

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified...

6.5CVSS6.7AI score0.01291EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2013/08/02 12:0 a.m.39 views

Debian Security Advisory DSA 2733-1 (otrs2 - SQL injection)

It was discovered that otrs2, the Open Ticket Request System, does not properly sanitise user-supplied data that is used on SQL queries. An attacker with a valid agent login could exploit this issue to craft SQL queries by injecting arbitrary SQL code through manipulated URLs. OpenVAS Vulnerabili...

4.3CVSS0.4AI score0.05792EPSS
Exploits2References1
OSV
OSV
added 2013/08/02 12:0 a.m.51 views

DSA-2733-1 otrs2 - SQL injection

Bulletin has no description...

8.8CVSS6.5AI score0.01322EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/04/08 12:0 a.m.23 views

FreeBSD : otrs -- Information disclosure and Data manipulation (eae8e3cf-9dfe-11e2-ac7f-001fd056c417)

The OTRS Project reports : An attacker with a valid agent login could manipulate URLs in the object linking mechanism to see titles of tickets and other objects that are not obliged to be seen. Furthermore, links to objects without permission can be placed and removed. %NASLMINLEVEL 70300 C Tenab...

6.5CVSS6.8AI score0.01291EPSS
Exploits0References3
Rows per page
Query Builder