SQL Injection Vulnerability in osTicket by osTicket, Inc.
CVE-2005-2153

Currently unrated

Key Information:

Vendor: Osticket
Status: Osticket Sts
Vendor: CVE Published:; 6 July 2005

What is CVE-2005-2153?

An SQL injection vulnerability exists in the class.ticket.php file of osTicket versions up to 1.3.1 beta. This flaw enables remote attackers to inject malicious SQL commands through the 'ticket' variable, potentially compromising the integrity of the underlying database. Without proper input validation and sanitation, unauthorized users may gain access to sensitive data and manipulate database records, leading to grave security implications for affected systems.

References

http://securitytracker.com/id?1014373

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/14127

vdb-entryx_refsource_BID

http://seclists.org/lists/bugtraq/2005/Jul/0009.html

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 6, 2005

CVE-2005-2153 Data

JSON

Osticket

What is CVE-2005-2153?

References

Timeline