Enhancesoft osTicket up to 1.12.5 Parameter include/ajax.search.php queue-name cross site scripting

A vulnerability was found in Enhancesoft osTicket up to 1.12.5 (Ticket Tracking Software). It has been classified as problematic. This affects an unknown code block of the file include/ajax.search.php of the component Parameter Handler. Upgrading to version 1.12.6 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-2558 : TENDA AC18 15.03.05.05 /GOFORM/EXECCOMMAND FORMEXECOMMAND CMDINPUT STACK-BASED OVERFLOW

CVE-2024-2558 : TENDA AC18 15.03.05.05 /GOFORM/EXECCOMMAND FORMEXECOMMAND CMDINPUT STACK-BASED OVERFLOW

Description A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function

CVE-2024-28746 : APACHE AIRFLOW 2.8.0/2.8.1/2.8.2 UI IMPROPER AUTHENTICATION

CVE-2024-28746 : APACHE AIRFLOW 2.8.0/2.8.1/2.8.2 UI IMPROPER AUTHENTICATION

Description Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access

CVE-2024-2413 : INTUMIT SMARTROBOT UP TO 6.1.2-202212TW HARD-CODED KEY

CVE-2024-2413 : INTUMIT SMARTROBOT UP TO 6.1.2-202212TW HARD-CODED KEY

Description Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this key to encrypt a string