PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.01521
Percentile: 0.8044

CVSS Scoring

Affected Products

• cpe:2.3:a:osticket:osticket_sts:1.2:*:*:*:*:*:*:*
• cpe:2.3:a:osticket:osticket_sts:1.2.7:*:*:*:*:*:*:*
• cpe:2.3:a:osticket:osticket_sts:1.3_beta:*:*:*:*:*:*:*

← Back to Home