Lucene search
K

6 matches found

0day.today
0day.today
added 2019/08/13 12:0 a.m.40 views

osTicket 1.12 - Persistent Cross-Site Scripting via File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: osTicket-v1.12 Stored XSS via File Upload Vendor Homepage: https://osticket.com/ Software Link: https://osticket.com/download/ Exploit Author: Aishwarya Iyer Contact: https://twitter.com/aish9524 Website: https://about.me/aishiy...

3.5CVSS5.8AI score0.02733EPSS
Exploits5
Circl
Circl
added 2019/08/12 12:0 a.m.17 views

CVE-2019-14748

creationtimestamp| type| source ---|---|--- 2019-08-12 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/47224...

5.4CVSS6.8AI score0.02733EPSS
Exploits5References1
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.245 views

osTicket 1.12 - Persistent Cross-Site Scripting via File Upload

Exploit Title: osTicket-v1.12 Stored XSS via File Upload Vendor Homepage: https://osticket.com/ Software Link: https://osticket.com/download/ Exploit Author: Aishwarya Iyer Contact: https://twitter.com/aish9524 Website: https://about.me/aishiyer Category: webapps CVE: CVE-2019-14748 1. Descriptio...

5.4CVSS6.2AI score0.02733EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/12 12:0 a.m.55 views

osTicket 1.12 - Persistent Cross-Site Scripting via File Upload

osTicket 1.12 - Persistent Cross-Site Scripting via File Upload Exploit Title: osTicket-v1.12 Stored XSS via File Upload Vendor Homepage: https://osticket.com/ Software Link: https://osticket.com/download/ Exploit Author: Aishwarya Iyer Contact: https://twitter.com/aish9524 Website:...

3.5CVSS5.8AI score0.02733EPSS
Exploits5
OpenVAS
OpenVAS
added 2019/08/09 12:0 a.m.81 views

osTicket < 1.10.7, 1.12.x < 1.12.1 Multiple Vulnerabilities

osTicket is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS6.2AI score0.11687EPSS
Exploits13References2
CVE
CVE
added 2019/08/07 4:38 p.m.87 views

CVE-2019-14748

CVE-2019-14748 affects osTicket versions prior to 1.10.7 and 1.12.x prior to 1.12.1. The ticket creation form allows file uploads without sufficient content validation and improper output handling, causing persistent XSS (e.g., uploading a .html file) that can lead to cookie theft or malicious ac...

5.4CVSS5.5AI score0.02733EPSS
Exploits5References5Affected Software1
Rows per page
Query Builder