|
305131
|
- |
|
otrs
|
otrs
|
Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket Request System (OTRS) before 2.2.7 does not properly handle e-mail messages containing malformed UTF-8 characters, which allows remote…
|
CWE-20
Improper Input Validation
|
CVE-2008-7280
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305132
|
- |
|
otrs
|
otrs
|
The CustomerInterface component in Open Ticket Request System (OTRS) before 2.2.8 allows remote authenticated users to bypass intended access restrictions and access tickets of arbitrary customers vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7279
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305133
|
- |
|
otrs
|
otrs
|
The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, and 2.3.x before 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easi…
|
CWE-20
Improper Input Validation
|
CVE-2008-7278
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305134
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7277
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305135
|
- |
|
otrs
|
otrs
|
Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) before 2.3.2 creates a directory under /tmp/ with 1274 permissions, which might allow local users to bypass intended access restricti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7276
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305136
|
- |
|
otrs
|
otrs
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) before 2.3.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) AgentTic…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7275
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305137
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2…
|
CWE-20
Improper Input Validation
|
CVE-2008-7274
|
2024-11-21 09:58 |
2011-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305138
|
- |
|
eclipse
|
eclipse_ide
|
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7271
|
2024-11-21 09:58 |
2011-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305139
|
- |
|
openssl
|
openssl
|
OpenSSL before 0.9.8j, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use o…
|
CWE-310
Cryptographic Issues
|
CVE-2008-7270
|
2024-11-21 09:58 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305140
|
- |
|
boka
|
siteengine
|
Open redirect vulnerability in api.php in SiteEngine 5.x allows user-assisted remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter…
|
CWE-20
Improper Input Validation
|
CVE-2008-7269
|
2024-11-21 09:58 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
