|
310901
|
- |
|
ibm
|
lotus_quickr
|
IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8.
|
CWE-399
Resource Management Errors
|
CVE-2008-7284
|
2024-11-21 09:58 |
2011-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310902
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 2.2.6, when customer group support is enabled, allows remote authenticated users to bypass intended access restrictions and perform web-interface updates to t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7283
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310903
|
- |
|
otrs
|
otrs
|
Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket Request System (OTRS) before 2.2.6, when the CustomerPanelOwnSelection and CustomerGroupSupport options are enabled, allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7282
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310904
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 2.2.7 sends e-mail containing a Bcc header field that lists the Blind Carbon Copy recipients, which allows remote attackers to obtain potentially sensitive e-…
|
CWE-200
Information Exposure
|
CVE-2008-7281
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310905
|
- |
|
otrs
|
otrs
|
Kernel/System/EmailParser.pm in PostmasterPOP3.pl in Open Ticket Request System (OTRS) before 2.2.7 does not properly handle e-mail messages containing malformed UTF-8 characters, which allows remote…
|
CWE-20
Improper Input Validation
|
CVE-2008-7280
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310906
|
- |
|
otrs
|
otrs
|
The CustomerInterface component in Open Ticket Request System (OTRS) before 2.2.8 allows remote authenticated users to bypass intended access restrictions and access tickets of arbitrary customers vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7279
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310907
|
- |
|
otrs
|
otrs
|
The S/MIME feature in Open Ticket Request System (OTRS) before 2.2.5, and 2.3.x before 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easi…
|
CWE-20
Improper Input Validation
|
CVE-2008-7278
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310908
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) before 2.3.0-beta4 checks for the rw permission, instead of the configured merge permission, during authorization of merge operations, which might allow remote authe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7277
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310909
|
- |
|
otrs
|
otrs
|
Kernel/System/Web/Request.pm in Open Ticket Request System (OTRS) before 2.3.2 creates a directory under /tmp/ with 1274 permissions, which might allow local users to bypass intended access restricti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7276
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310910
|
- |
|
otrs
|
otrs
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) before 2.3.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) AgentTic…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7275
|
2024-11-21 09:58 |
2011-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
