Max CVSS | 6.5 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-15864 | 4.0 |
In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database user and password.
|
03-10-2019 - 00:03 | 16-11-2017 - 15:29 | |
CVE-2017-16664 | 6.5 |
Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user
|
08-05-2019 - 18:57 | 21-11-2017 - 14:29 |