Lucene search
+L

4468 matches found

Cvelist
Cvelist
added yesterday16 views

CVE-2026-14871 osTicket v1.18.3 - v1.17.7 - BOLA/IDOR in ticket field viewing allows cross-department data disclosure

osTicket versions v1.18.3 and v1.17.7 contain a Broken Object Level Authorization BOLA leading to Insecure Direct Object Reference IDOR in the AJAX ticket-management subsystem...

7.1CVSS
Exploits0References5
Vulnrichment
Vulnrichment
added yesterday3 views

CVE-2026-14871 osTicket v1.18.3 - v1.17.7 - BOLA/IDOR in ticket field viewing allows cross-department data disclosure

osTicket versions v1.18.3 and v1.17.7 contain a Broken Object Level Authorization BOLA leading to Insecure Direct Object Reference IDOR in the AJAX ticket-management subsystem...

7.1CVSS5.3AI score
Exploits0References5
CVE
CVE
added yesterday9 views

CVE-2026-14871

This CVE affects osTicket versions 1.18.3 and 1.17.7, where a Broken Object Level Authorization (BOLA) leads to an Insecure Direct Object Reference (IDOR) in the AJAX ticket-management subsystem. The issue enables cross-department data disclosure due to improper access controls on object referenc...

7.1CVSS5.3AI score
Exploits0References5
EUVD
EUVD
added yesterday6 views

EUVD-2026-45186

osTicket versions v1.18.3 and v1.17.7 contain a Broken Object Level Authorization BOLA leading to Insecure Direct Object Reference IDOR in the AJAX ticket-management subsystem...

7.1CVSS5.3AI score
Exploits0References5
Nuclei
Nuclei
added yesterday46 views

SupportCandy < 2.2.7 - Reflected Cross-Site Scripting

The SupportCandy WordPress plugin before 2.2.7 does not sanitise and escape the query string before outputting it back in pages with the wpsccreateticket shortcode embed, leading to a Reflected Cross-Site Scripting issue id: CVE-2021-24878 info: name: SupportCandy 2.2.7 - Reflected Cross-Site...

6.1CVSS6.1AI score0.01165EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday80 views

PHPJabbers Ticket Support Script v3.2 - Cross-Site Scripting

There is a Cross Site Scripting XSS vulnerability in the message parameter of index.php in PHPJabbers Ticket Support Script v3.2. id: CVE-2023-40753 info: name: PHPJabbers Ticket Support Script v3.2 - Cross-Site Scripting author: ritikchaddha severity: medium description: | There is a Cross Site...

5.4CVSS5.5AI score0.01053EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-60779

osTicket versions v1.18.3 and v1.17.7 contain a Broken Object Level Authorization BOLA leading to Insecure Direct Object Reference IDOR in the AJAX ticket-management subsystem...

7.1CVSS5.3AI score
Exploits0References6
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-63081 Perfect Support Ticketing System 1.7 Stored XSS via Ticket Notes Field

Perfect Support Ticketing & Document Management System through 1.7 contains a stored cross-site scripting vulnerability that allows authenticated attackers with Agent-level privileges to inject malicious payloads into the Notes field of assigned support tickets. Attackers can store malicious...

5.4CVSS0.00138EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-44894

The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'pricewrapper' Shortcode Attribute in all versions up to, and including, 3.6.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS6.3AI score0.00225EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago38 views

CVE-2026-13755 Tickera <= 3.6.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'price_wrapper' Shortcode Attribute

The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'pricewrapper' Shortcode Attribute in all versions up to, and including, 3.6.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00225EPSS
Exploits0References5
CVE
CVE
added 4 days ago17 views

CVE-2026-45074

Symfony’s Cas2Handler derives the CAS service URL from Request::getSchemeAndHttpHost(), which uses the Host header when framework.trusted_hosts is not configured. An attacker controlling another app registered with the same CAS server can replay a victim’s CAS ticket and authenticate as that vict...

8.1CVSS6.1AI score0.00402EPSS
Exploits0References4Affected Software1
OSV
OSV
added 4 days ago3 views

CVE-2026-45074 Symfony: Cas2Handler Derives CAS service URL from Client Host Header → Cross-Service Ticket Replay

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 7.1.0 until 7.4.12 and 8.0.12, Cas2Handler builds the CAS service parameter from Request::getSchemeAndHttpHost, which reflects an attacker-controlled Host header when framework.trustedhosts is n...

7.6CVSS6.1AI score0.00402EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago26 views

CVE-2026-60118 Hi.Events < 1.11.0 Hidden Ticket Enumeration via Order Creation Endpoint

Hi.Events before 1.11.0 contains a missing server-side visibility enforcement vulnerability that allows unauthenticated attackers to purchase hidden tickets by referencing hidden product and price IDs in order creation requests without authorization checks. Attackers can enumerate sequential hidd...

6.9CVSS0.00235EPSS
Exploits0References5
CVE
CVE
added 4 days ago8 views

CVE-2026-60118

CVE-2026-60118 affects Hi.Events up to v1.10.0-beta, where a missing server-side visibility enforcement lets unauthenticated attackers purchase hidden tickets by referencing hidden product and price IDs in order creation requests without authorization checks. Attackers can enumerate sequential hi...

6.9CVSS6.1AI score0.00235EPSS
Exploits0References5
OSV
OSV
added 4 days ago3 views

CVE-2026-60118 Hi.Events < 1.11.0 Hidden Ticket Enumeration via Order Creation Endpoint

Hi.Events before 1.11.0 contains a missing server-side visibility enforcement vulnerability that allows unauthenticated attackers to purchase hidden tickets by referencing hidden product and price IDs in order creation requests without authorization checks. Attackers can enumerate sequential hidd...

6.9CVSS6.1AI score0.00235EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/07/10 8:31 p.m.32 views

CVE-2026-13039 Eventin 4.0.26 - 4.1.15 - Missing Authorization to Unauthenticated Payment Bypass via REST API

The Eventin – Event Calendar, Event Registration, Tickets & Booking AI Powered plugin for WordPress is vulnerable to authorization bypass due to a regression in versions from 4.0.26 up to and including 4.1.15. This is due to the plugin not properly verifying that a user is authorized to perform a...

5.3CVSS0.00257EPSS
Exploits0References2
NVD
NVD
added 2026/07/09 7:16 a.m.7 views

CVE-2026-11875

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sign or verify its guest-session cookie, allowing unauthenticated attackers to forge it and impersonate any ticket owner identified by email address to read, reply to, and close that person's support tickets...

5.3CVSS0.00193EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/09 6:0 a.m.6 views

EUVD-2026-42510

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sign or verify its guest-session cookie, allowing unauthenticated attackers to forge it and impersonate any ticket owner identified by email address to read, reply to, and close that person's support tickets...

5.3CVSS6AI score0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/09 6:0 a.m.35 views

CVE-2026-11875 WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated Support Ticket Access via Session Cookie Forgery

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sign or verify its guest-session cookie, allowing unauthenticated attackers to forge it and impersonate any ticket owner identified by email address to read, reply to, and close that person's support tickets...

0.00193EPSS
Exploits0References1
CVE
CVE
added 2026/07/09 6:0 a.m.10 views

CVE-2026-11875

Affected software: WP Support Plus Responsive Ticket System WordPress plugin (up to version 9.1.2). Issue: guest-session cookies are neither signed nor verified, enabling unauthenticated attackers to forge a cookie and impersonate another ticket owner (identified by email) to read, reply to, and ...

5.3CVSS6AI score0.00193EPSS
Exploits0References1
Rows per page
Query Builder