SecuritySpace - CVE-2013-4717

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-4717

Description: Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm, Kernel/System/CustomerCompany.pm, Kernel/System/Ticket/IndexAccelerator/RuntimeDB.pm, Kernel/System/Ticket/IndexAccelerator/StaticDB.pm, and Kernel/System/TicketSearch.pm.

Test IDs: 1.3.6.1.4.1.25623.1.1.10.2013.0247 1.3.6.1.4.1.25623.1.0.702733

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-4717
https://web.archive.org/web/20130817120539/http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2013-05/

CVE ID:	CVE-2013-4717
Description:	Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm, Kernel/System/CustomerCompany.pm, Kernel/System/Ticket/IndexAccelerator/RuntimeDB.pm, Kernel/System/Ticket/IndexAccelerator/StaticDB.pm, and Kernel/System/TicketSearch.pm.
Test IDs:	1.3.6.1.4.1.25623.1.1.10.2013.0247 1.3.6.1.4.1.25623.1.0.702733
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4717 https://web.archive.org/web/20130817120539/http://www.otrs.com/de/open-source/community-news/security-advisories/security-advisory-2013-05/