Peter Rotich

3 exploits Active since Nov 2020
CVE-2020-24881 NOMISEC CRITICAL WORKING POC
Osticket < 1.14.3 - SSRF
SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.
CVSS 9.8
CVE-2021-42235 WRITEUP CRITICAL WRITEUP
Enhancesoft Osticket < 1.14.8 - SQL Injection
SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows attackers to access the osTicket administration profile functionality.
CVSS 9.8
CVE-2022-31888 WRITEUP HIGH WRITEUP
osTicket <1.16.2 - Info Disclosure
Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2.
CVSS 8.8