Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-2274

Malware in sbrugna...

4.3CVSS4.6AI score0.00954EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-22727

Malware in sbrugna...

5.3CVSS5.3AI score0.00943EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-1516

Malware in sbrugna...

6.4CVSS6.1AI score0.02015EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2020/02/21 3:48 p.m.33 views

CVE-2013-4088

Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System OTRS 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket spl...

6.5CVSS6.4AI score0.02366EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/10/04 10:2 p.m.15 views

CVE-2008-1515

The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."...

6.4CVSS7AI score0.02015EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/08/21 12:0 a.m.26 views

CVE-2019-12746

An issue was discovered in Open Ticket Request System OTRS Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be...

6.9AI score0.02018EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2018/11/11 5:29 a.m.32 views

CVE-2018-19142

Open Ticket Request System OTRS 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL...

4.8CVSS5.8AI score0.00547EPSS
Exploits0References2
NVD
NVD
added 2018/11/11 5:29 a.m.27 views

CVE-2018-19143

Open Ticket Request System OTRS 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled...

6.5CVSS6.3AI score0.00861EPSS
Exploits0References2
NVD
NVD
added 2018/09/28 12:29 a.m.16 views

CVE-2018-16587

In Open Ticket Request System OTRS 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to...

6.5CVSS6.8AI score0.01754EPSS
Exploits0References6
Cvelist
Cvelist
added 2018/09/28 12:0 a.m.20 views

CVE-2018-16587

In Open Ticket Request System OTRS 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to...

7.4AI score0.01754EPSS
Exploits0References6
NVD
NVD
added 2017/12/08 3:29 p.m.19 views

CVE-2017-16921

In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters related to PGP and execute arbitrary shell commands with the permissions of the OTRS or web...

9CVSS9AI score0.19901EPSS
Exploits8References5
Cvelist
Cvelist
added 2017/12/08 3:0 p.m.29 views

CVE-2017-16921

In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters related to PGP and execute arbitrary shell commands with the permissions of the OTRS or web...

8.9AI score0.19901EPSS
Exploits8References5
Debian CVE
Debian CVE
added 2014/04/23 2:0 p.m.37 views

CVE-2014-2554

OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element...

4.3CVSS8.3AI score0.01466EPSS
Exploits1
NVD
NVD
added 2011/03/18 4:55 p.m.26 views

CVE-2010-4761

The customer-interface ticket-print dialog in Open Ticket Request System OTRS before 3.0.0-beta3 does not properly restrict customer-visible data, which allows remote authenticated users to obtain potentially sensitive information from the 1 responsible, 2 owner, 3 accounted time, 4 pending until...

4CVSS5.8AI score0.01289EPSS
Exploits0References2
NVD
NVD
added 2011/03/18 4:55 p.m.27 views

CVE-2010-4758

installer.pl in Open Ticket Request System OTRS before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen...

1.9CVSS6.5AI score0.00375EPSS
Exploits1References2
Cvelist
Cvelist
added 2011/03/18 4:0 p.m.28 views

CVE-2008-7278

The S/MIME feature in Open Ticket Request System OTRS before 2.2.5, and 2.3.x before 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available fo...

6.6AI score0.01984EPSS
Exploits0References3
Cvelist
Cvelist
added 2011/03/18 4:0 p.m.26 views

CVE-2010-4764

Open Ticket Request System OTRS before 2.4.10, and 3.x before 3.0.3, does not present warnings about incoming encrypted e-mail messages that were based on revoked PGP or GPG keys, which makes it easier for remote attackers to spoof e-mail communication by leveraging a key that has a revocation...

6.5AI score0.01466EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/04/15 12:0 a.m.19 views

OTRS < 2.1.8 / 2.2.6 SOAP Interface Authentication Bypass

Binary data 4466.prm...

6.4CVSS7.3AI score0.02015EPSS
Exploits0References2
exploitpack
exploitpack
added 2005/11/22 12:0 a.m.11 views

OTRS 2.0 - AgentTicketPlain Action Multiple SQL Injections

OTRS 2.0 - AgentTicketPlain Action Multiple SQL Injections source: https://www.securityfocus.com/bid/15537/info OTRS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to...

1.1AI score
Exploits0
Rows per page
Query Builder