Description

Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter.

Remediation

References

CVE-2005-1439

Related Vulnerabilities

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3680)

WordPress Plugin Highlight Cross-Site Scripting (0.9.2)

WordPress 5.2.x Directory Traversal (5.2 - 5.2.20)

OpenSSL Session Fixation Vulnerability (CVE-1999-0428)

WordPress Plugin Analytics Stats Counter Statistics PHP Object Injection (1.2.2.5)

Severity

High

Classification

CVE-2005-1439

Tags

Missing Update Known Vulnerabilities