header-logo
Suggest Exploit
vendor:
OTRS
by:
Unknown
7.5
CVSS
HIGH
Input-Validation
89
CWE
Product Name: OTRS
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2005-3068
CPE: a:otrs:otrs
Metasploit:
Other Scripts:
Platforms Tested:
2005

Input-Validation Vulnerabilities in OTRS

OTRS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to multiple SQL-injection vulnerabilities, an HTML-injection vulnerability, and multiple cross-site scripting vulnerabilities.

Mitigation:

To mitigate these vulnerabilities, it is recommended to implement proper input validation and sanitization techniques in the OTRS application.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15537/info
 
OTRS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
 
The application is prone to multiple SQL-injection vulnerabilities, an HTML-injection vulnerability, and multiple cross-site scripting vulnerabilities. 

http://www.example.com/admin/index.pl?Action=AgentTicketPlain&ArticleID=1&TicketID=1%20[SQL_HERE]
http://www.example.com/admin/index.pl?Action=AgentTicketPlain&TicketID=1&ArticleID=1%20[SQL_HERE]

Navigation

Suggest Exploit

Services By CQR