Product: osticket
56 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
| CVE | Affected versions | CVSS | Severity | Description |
|---|---|---|---|---|
| CVE-2026-26895 | < 1.18.3 | 5.3 | MEDIUM | User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered |
| CVE-2026-22200 | >= 1.17 and < 1.17.7 | 7.5 | HIGH | Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in th |
| CVE-2025-45387 | < 1.17.6 | 5.4 | MEDIUM | osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php. |
| CVE-2025-26241 | <= 1.17.5 | 6.5 | MEDIUM | A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attack |
| CVE-2023-46967 | < 1.18.0 | 6.1 | MEDIUM | Cross Site Scripting vulnerability in the sanitize function in Enhancesoft osTicket 1.18.0 allows a remote attacker to escalate pr |
| CVE-2023-27149 | all versions | 4.8 | MEDIUM | A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web script |
| CVE-2023-27148 | all versions | 4.8 | MEDIUM | A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute a |
| CVE-2021-45811 | >= 1.15 and <= 1.15.8 | 6.5 | MEDIUM | A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attacker |
| CVE-2023-30082 | all versions | 7.5 | HIGH | A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) i |
| CVE-2022-31888 | <= 1.16.2 | 8.8 | HIGH | Session Fixation vulnerability in function login in class.auth.php in osTicket through 1.16.2. |
| CVE-2023-1320 | < 1.16.6 | 6.1 | MEDIUM | Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1319 | < 1.16.6 | 4.8 | MEDIUM | Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1318 | < 1.16.6 | 5.4 | MEDIUM | Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1317 | < 1.16.6 | 5.4 | MEDIUM | Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1316 | < 1.16.6 | 5.4 | MEDIUM | Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2023-1315 | < 1.16.6 | 5.4 | MEDIUM | Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. |
| CVE-2022-4271 | < 1.16.4 | 5.4 | MEDIUM | Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to 1.16.4. |
| CVE-2022-32074 | < 2022-05-19 | 5.4 | MEDIUM | A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before c |
| CVE-2021-42235 | < 1.14.8 | 9.8 | CRITICAL | SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows attackers to access the osTicket admini |
| CVE-2020-22609 | < 1.12.6 | 6.1 | MEDIUM | Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queu |
| CVE-2020-22608 | < 1.12.6 | 6.1 | MEDIUM | Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php. |
| CVE-2020-24881 | < 1.14.3 | 9.8 | CRITICAL | SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning. |
| CVE-2020-24917 | < 1.14.3 | 6.1 | MEDIUM | osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php. |
| CVE-2020-16193 | < 1.14.3 | 5.4 | MEDIUM | osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.php has an unvalidated echo $info['notes'] call. |
| CVE-2020-14012 | all versions | 5.4 | MEDIUM | scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Description. The attacker must be a |
| CVE-2020-12629 | < 1.14.2 | 5.4 | MEDIUM | include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name. |
| CVE-2019-14750 | < 1.10.7 | 6.1 | MEDIUM | An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observe |
| CVE-2019-14749 | < 1.10.7 | 8.8 | HIGH | An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export sprea |
| CVE-2019-14748 | < 1.10.7 | 5.4 | MEDIUM | An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files |
| CVE-2019-13397 | all versions | 6.1 | MEDIUM | Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker to gain admin privileges by injecting arbitrary web script |
| CVE-2019-11537 | < 1.12 | 6.1 | MEDIUM | In osTicket before 1.12, XSS exists via /upload/file.php, /upload/scp/users.php?do=import-users, and /upload/scp/ajax.php/users/im |
| CVE-2018-7196 | <= 1.10.1 | 6.1 | MEDIUM | Cross-site scripting (XSS) vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject |
| CVE-2018-7195 | <= 1.10.1 | 8.1 | HIGH | Enhancesoft osTicket before 1.10.2 allows remote attackers to reset arbitrary passwords (when an associated e-mail address is know |
| CVE-2018-7194 | <= 1.10.1 | 4.9 | MEDIUM | Integer format vulnerability in the ticket number generator in Enhancesoft osTicket before 1.10.2 allows remote attackers to cause |
| CVE-2018-7193 | <= 1.10.1 | 6.1 | MEDIUM | Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to in |
| CVE-2018-7192 | <= 1.10.1 | 6.1 | MEDIUM | Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic in Enhancesoft osTicket before 1.10.2 allows remote attacker |
| CVE-2017-15580 | all versions | 9.8 | CRITICAL | osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate th |
| CVE-2017-15362 | all versions | 6.1 | MEDIUM | osTicket 1.10.1 allows arbitrary client-side JavaScript code execution on victims who click a crafted support/scp/tickets.php?stat |
| CVE-2017-14396 | all versions | 9.8 | CRITICAL | In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter |
| CVE-2015-1347 | <= 1.9.5 | | | Cross-site scripting (XSS) vulnerability in client.inc.php in osTicket before 1.9.5.1 allows remote attackers to inject arbitrary |
| CVE-2015-1176 | <= 1.9.4 | | | Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbi |
| CVE-2014-4744 | <= 1.9.1 | | | Multiple cross-site scripting (XSS) vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script |
| CVE-2010-4634 | all versions | | | Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file p |
| CVE-2010-0606 | <= 1.6 | | | Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inje |
| CVE-2010-0605 | <= 1.6 | | | SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permis |
| CVE-2009-2361 | <= 1.6 | | | SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL |
| CVE-2006-6733 | all versions | | | Cross-site scripting (XSS) vulnerability in support/view.php in Support Cards 1 (osTicket) allows remote attackers to inject arbit |
| CVE-2006-5407 | all versions | | | PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a U |
| CVE-2005-2154 | all versions | | | PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers |
| CVE-2005-2153 | all versions | | | SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQ |
| CVE-2005-1439 | all versions | | | Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences |
| CVE-2005-1438 | all versions | | | PHP remote file inclusion vulnerability in main.php in osTicket allows remote attackers to execute arbitrary PHP code via the incl |
| CVE-2005-1437 | all versions | | | Multiple SQL injection vulnerabilities in osTicket allow remote attackers to execute arbitrary SQL commands via the (1) id paramet |
| CVE-2005-1436 | all versions | | | Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via |
| CVE-2004-0614 | all versions | | | osTicket trusts a hidden form field in the submit form to limit the upload size of a document, which could allow remote attackers |
| CVE-2004-0613 | all versions | | | osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that upl |
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin