CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

38 matches found

EUVD•added 2026/02/16 9:30 a.m.•6 views

EUVD-2026-6117

A weakness has been identified in LigeroSmart up to 6.1.26. Impacted is an unknown function of the file /otrs/index.pl?Action=AgentTicketSearch. This manipulation of the argument Profile causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the...

6.1CVSS4AI score0.00051EPSS

Exploits1References7

NVD•added 2026/02/16 8:16 a.m.•3 views

CVE-2026-2545

6.1CVSS0.00051EPSS

Exploits1References6

OSV•added 2026/02/16 8:16 a.m.•5 views

CVE-2026-2545

6.1CVSS4AI score

Exploits0References6

Vulnrichment•added 2026/02/16 7:32 a.m.•4 views

CVE-2026-2545 LigeroSmart index.pl cross site scripting

5.1CVSS4AI score0.00051EPSS

Exploits1References6

Positive Technologies•added 2026/02/16 12:0 a.m.•6 views

PT-2026-8319

5.1CVSS4AI score0.00051EPSS

Exploits1References7

CNNVD•added 2026/02/16 12:0 a.m.•4 views

LigeroSmart 代码注入漏洞

LigeroSmart is an open-source management platform developed by LigeroSmart. Versions of LigeroSmart 6.1.26 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper handling of the Profile parameter in the file/otrs/index.pl?Action=AgentTicketSearch, which cou...

6.1CVSS5.7AI score0.00051EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-30443

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00088EPSS

Exploits0References2

Tenable Nessus•added 2025/08/30 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2022-25803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Best Practical Request Tracker RT before 5.0.3 has an Open Redirect via a ticket search. CVE-2022-25803 Note that Nessus relies on the presence of the package a...

6.1CVSS6AI score0.00088EPSS

Exploits0References2

CNNVD•added 2025/05/05 12:0 a.m.•6 views

osTicket 安全漏洞

osTicket is a widely used and trusted open source support work order system from osTicket. A security vulnerability exists in osTicket version 1.17.5 and earlier, which stems from a combination of the keywords and topicid parameters in the search function of the tickets.php page that results in S...

6.5CVSS7.4AI score0.00252EPSS

Exploits1References1

SUSE CVE•added 2023/02/15 5:35 a.m.•3 views

SUSE CVE-2013-4717

Multiple SQL injection vulnerabilities in Open Ticket Request System OTRS Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm,...

8.8CVSS8.6AI score0.00897EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:31 a.m.•1 views

SUSE CVE-2014-1471

SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows remote attackers to execute arbitrary SQL commands via vectors related to a ticket search URL...

7.5CVSS8.4AI score0.01617EPSS

Exploits0References3

NCSC•added 2022/12/19 12:0 a.m.•3 views

Vulnerability fixed in OTRS

A vulnerability has been fixed in OTRS. The vulnerability allows an authenticated malicious person to perform an SQL injection. execute. OTRS instances are only vulnerable if the TicketSearch Web service is configured. OTRS developers have released updates to fix the vulnerability. More informati...

9.8CVSS7.1AI score0.00465EPSS

Exploits0

Huntr•added 2022/12/06 6:10 p.m.•13 views

Reflected XSS in Advanced Ticket Search

Description Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScrip...

4.9CVSS5.8AI score0.10075EPSS

Exploits1References1