osTicket 1.2/1.3 - 'view.php?inc' Arbitrary Local File Inclusion

Author: edisan & foster
type: webapps
platform: php
port: 
date_added: 2005-06-30 
date_updated: 2013-06-03 
verified: 1 
codes: CVE-2005-2154;OSVDB-17715 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/14127/info

osTicket is affected by multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied data.

The following specific issues were identified:

- An SQL-injection vulnerability. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

- A local file-include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

osTicket 1.3.1 beta and prior versions are affected.

http://www.example.com/osticket/view.php?inc=x