CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

59 matches found

EUVD•added 2026/01/12 6:34 p.m.•7 views

EUVD-2026-1918

Enhancesoft osTicket versions up to and including 1.18.2 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficiently sanitized before bein...

8.7CVSS5.8AI score0.73125EPSS

Exploits3References5

CNNVD•added 2026/01/12 12:0 a.m.•5 views

Enhancesoft osTicket 注入漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, Inc. in the United States. An injection vulnerability exists in Enhancesoft osTicket 1.18.2 and earlier versions, which stems from the presence of arbitrary file reads in the ticket PDF export function, which could lead to ...

8.7CVSS6.9AI score0.73125EPSS

Exploits3References6

RedhatCVE•added 2026/01/09 10:48 a.m.•44 views

CVE-2022-31890

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function...

9.8CVSS8AI score0.01503EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:48 a.m.•9 views

CVE-2022-31889

Cross Site Scripting XSS vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae...

6.1CVSS5.9AI score0.00651EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:46 a.m.•5 views

CVE-2022-31888

Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2...

8.8CVSS6.9AI score0.01214EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2018-18938

Malware in sbrugna...

6.1CVSS6.3AI score0.02482EPSS

Exploits1References2