Description

Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter.

Remediation

References

CVE-2005-1439

Related Vulnerabilities

Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-4791)

OpenSSL Resource Management Errors Vulnerability (CVE-2010-2939)

WordPress Plugin Gallery PhotoBlocks Unspecified Vulnerability (1.1.32)

WordPress Plugin Mail Queue Cross-Site Scripting (1.1)

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8603)

Severity

High

Classification

CVE-2005-1439

Tags

Missing Update Known Vulnerabilities