Vulnerabilities > CVE-2005-2153 - Unspecified vulnerability in Osticket STS 1.2/1.2.7/1.3Beta

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
osticket
nessus
NVD
Published: 2005-07-06
Updated: 2024-11-20

Summary

SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable.

Vulnerable Configurations

Part Description Count
Application
Osticket
3

Nessus

NASL familyCGI abuses
NASL idOSTICKET_131.NASL
descriptionThe version of osTicket installed on the remote host suffers from several vulnerabilities, including: - A Local File Include Vulnerability The application fails to sanitize user-supplied input to the
last seen2020-06-01
modified2020-06-02
plugin id18612
published2005-07-05
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18612
titleosTicket <= 1.3.1 Multiple Vulnerabilities

References