Description
PHP file inclusion vulnerability in the osTicket module in Help Center Live before 2.0.3 allows remote attackers to access or include arbitrary files via the file parameter, possibly due to a directory traversal vulnerability.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by HACKERS PAL · textwebappsphp
https://www.exploit-db.com/exploits/26502
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15404
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17580
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2451
Scores
EPSS
0.0168
EPSS Percentile
82.3%
Details
Status
published
Products (1)
ubertec/help_center_live
< 2.0.2
Published
Nov 16, 2005
Tracked Since
Feb 18, 2026