Vulnerabilities > Osticket > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-03 | CVE-2005-1437 | SQL-Injection vulnerability in Osticket 1.X Multiple SQL injection vulnerabilities in osTicket allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to admin.php or (2) cat parameter to view.php. | 7.5 |
| 2004-12-06 | CVE-2004-0613 | Remote Command Execution vulnerability in Osticket STS 1.2 osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory. | 7.5 |