📦 Osticket

This SQL injection vulnerability in osTicket's login and password reset functionality allows attackers to execute arbitrary SQL commands. It affects all osTicket installations before versions 1.14.8 a...

This vulnerability allows remote attackers to read arbitrary files from the osTicket server filesystem by crafting malicious HTML in ticket content and exporting it to PDF. Attackers can disclose sens...

CVE-2023-30082 is a denial-of-service vulnerability in osTicket where submitting an extremely long password (over 10 million characters) causes excessive CPU and memory consumption, potentially crashi...

This CVE describes a session fixation vulnerability in osTicket's authentication system. Attackers can fixate session IDs before user login, potentially hijacking authenticated sessions after login. A...