CVE-2005-2154

osTicket <1.3.1 - Local File Inclusion

Title source: llm

Description

PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by edisan & foster · textwebappsphp

https://www.exploit-db.com/exploits/25926

View Code ZIP pw:eip

References (3)

Core 3

Core References

Exploit vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014373

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/14127

Exploit, Vendor Advisory mailing-list x_refsource_bugtraq

http://seclists.org/lists/bugtraq/2005/Jul/0009.html

Scores

EPSS 0.0152

EPSS Percentile 81.5%

Details

Status published

Products (3)

osticket/osticket_sts 1.2

osticket/osticket_sts 1.2.7

osticket/osticket_sts 1.3_beta

Published Jul 06, 2005

Tracked Since Feb 18, 2026