Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
osTicket Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2010-4634 - Vulnerability Database
osTicket

osTicket Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2010-4634

Medium
Reference: CVE-2010-4634
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-4634
Title: osTicket Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

DISPUTED Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.php a different vector than CVE-2005-1439. NOTE: this issue has been disputed by a reliable third party.