EUVD-2022-53221

Malicious code in bioql PyPI...

EUVD-2022-53349

Malicious code in bioql PyPI...

CVE-2022-32074

A stored cross-site scripting XSS vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

CVE-2022-31890

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function...

CVE-2022-31889

Cross Site Scripting XSS vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae...

CVE-2022-31890

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function...

Sql injection

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function...

Enhancesoft osTicket 跨站脚本漏洞

Enhancesoft osTicket is an open source ticketing system from Enhancesoft, USA. A security vulnerability exists in osTicket osTicket-plugins, which stems from the discovery of a cross-site scripting XSS vulnerability contained in audit/templates/auditlogs.tmpl.php...

CVE-2022-31890

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function...

CVE-2022-31890

CVE-2022-31890 concerns a SQL injection in osTicket-plugins' audit/class.audit.php, exploitable via the order parameter to the getOrder function. The Red Hat/CNNVD/EUVD/OSV and OSV feeds corroborate the description; the core issue is lack of proper input sanitization in the getOrder path, leading...

CVE-2022-32074

A stored cross-site scripting XSS vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

CVE-2022-32074

A stored cross-site scripting XSS vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

CVE-2022-32074

A stored cross-site scripting XSS vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

CVE-2022-32074

A stored cross-site scripting XSS vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file...

CVE-2022-32074

CVE-2022-32074 affects the osTicket-plugins Storage-FS component (audit/class.audit.php). It is a stored XSS vulnerability where a crafted SVG file can cause arbitrary web scripts/HTML execution. The issue is linked to a commit in the repository (a7842d494889fd5533d13deb3c6a7789768795ae) as part ...