osTicket 1.3.1 Beta and Earlier: PHP Local File Inclusion Vulnerability in view.php and open.php

osTicket 1.3.1 Beta and Earlier: PHP Local File Inclusion Vulnerability in view.php and open.php

CVE-2005-2154 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter.

Learn more about our Web Application Penetration Testing UK.