CVE-2004-0613 Information

Description

osTicket allows remote attackers to view sensitive uploaded files and possibly execute arbitrary code via an HTTP request that uploads a PHP file to the ticket attachments directory.

Reference

http://marc.info/?l=bugtraq&m=108786779500957&w=2 http://www.securityfocus.com/bid/10586 https://exchange.xforce.ibmcloud.com/vulnerabilities/16477 https://exchange.xforce.ibmcloud.com/vulnerabilities/16478