Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0613


Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0613
Last Modified 07 Mar 2011 09:16:04
Published 06 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.

Vulnerable Systems


  • Osticket Sts 1.2


BID - 10586

BUGTRAQ - 20040621 Multiple osTicket exploits!

XF - osticket-view-attachments(16478)

XF - osticket-php-file-upload(16477)

Last Updated: 27 May 2016 10:38:40