Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

osTicket < 1.3.1 Multiple Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The version of osTicket installed on the remote host suffers from several vulnerabilities, including:

- A Local File Include Vulnerability The application fails to sanitize user-supplied input to the 'inc' parameter in the 'view.php' script. After authentication, an attacker can exploit this flaw to run arbitrary PHP code found in files on the remote host provided PHP's 'register_globals' setting is enabled.

- A SQL Injection Vulnerability An authenticated attacker can affect SQL queries via POST queries due to a failure of the application to filter input to the 'ticket' variable in the 'class.ticket.php' code library.

Solution

Upgrade to version 1.3.1 or higher.