CVE-2004-0613

Опубликовано: 06 дек. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.

Ссылки

http://marc.info/?l=bugtraq&m=108786779500957&w=2
http://www.securityfocus.com/bid/10586
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16477
https://exchange.xforce.ibmcloud.com/vulnerabilities/16478
http://marc.info/?l=bugtraq&m=108786779500957&w=2
http://www.securityfocus.com/bid/10586
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16477
https://exchange.xforce.ibmcloud.com/vulnerabilities/16478

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:osticket:osticket_sts:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.0678

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jcj4-h2pg-j964

github

почти 4 года назад