Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (24 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2020-22608 1 Enhancesoft 1 Osticket 2024-11-21 6.1 Medium
Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php.
CVE-2020-14012 1 Enhancesoft 1 Osticket 2024-11-21 5.4 Medium
scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Description. The attacker must be an Agent.
CVE-2020-12629 1 Enhancesoft 1 Osticket 2024-11-21 5.4 Medium
include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name.
CVE-2019-13397 1 Enhancesoft 1 Osticket 2024-11-21 N/A
Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker to gain admin privileges by injecting arbitrary web script or HTML via arbitrary file extension while creating a support ticket.