Description
SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Adam Baldwin · textwebappsphp
https://www.exploit-db.com/exploits/9032
References (10)
Core 10
Core References
Vendor Advisory x_refsource_confirm
http://osticket.com/forums/project.php?issueid=118
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/55472
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/9032
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504615/100/0/threaded
Exploit x_refsource_misc
http://www.ngenuity.org/wordpress/2009/06/26/osticket-admin-login-blind-sql-injection/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/35516
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/51417
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1022480
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1726
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35629
Scores
EPSS
0.0128
EPSS Percentile
79.7%
Details
CWE
CWE-89
Status
published
Products (2)
osticket/osticket
1.6 rc1 (3 CPE variants)
osticket/osticket
< 1.6
Published
Jul 08, 2009
Tracked Since
Feb 18, 2026