Remote Code Execution Vulnerability in osTicket by osTicket Team
CVE-2004-0613

Currently unrated

Key Information:

Vendor

Osticket

Status
Osticket Sts
Vendor
CVE Published:
6 December 2004

What is CVE-2004-0613?

osTicket has a vulnerability that permits remote attackers to gain unauthorized access to uploaded files. This exploit occurs when an attacker uploads a malicious PHP file to the ticket attachments directory, potentially allowing them to execute arbitrary code on the server. This vulnerability puts sensitive user data at risk and can lead to further exploitation if not mitigated.

References

http://marc.info/?l=bugtraq&m=108786779500957&w=2
mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/16478
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/10586
vdb-entryx_refsource_BID

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.