2 matches found
CVE-2005-2153
SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable.
CVE-2005-2154
PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter.