enhancesoft CVE Vulnerabilities & Metrics

Focus on enhancesoft vulnerabilities and metrics.

Last updated: 13 Jul 2026, 22:25 UTC

About enhancesoft Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with enhancesoft. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total enhancesoft CVEs: 37
Earliest CVE date: 03 May 2005, 04:00 UTC
Latest CVE date: 02 Apr 2026, 17:16 UTC

Latest CVE reference: CVE-2026-26895

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 2

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 100.0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 100.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical enhancesoft CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 3.0

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range Count
0.0-3.9 24
4.0-6.9 17
7.0-8.9 6
9.0-10.0 0

CVSS Distribution Chart

Top 5 Highest CVSS enhancesoft CVEs

These are the five CVEs with the highest CVSS scores for enhancesoft, sorted by severity first and recency.

All CVEs for enhancesoft

CVE-2026-26895 enhancesoft vulnerability CVSS: 0 02 Apr 2026, 17:16 UTC

User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered in the platform.

CVE-2026-22200 enhancesoft vulnerability CVSS: 0 12 Jan 2026, 19:16 UTC

Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficiently sanitized before being processed by the mPDF PDF generator during export. When the attacker exports the ticket to PDF, the generated PDF can embed the contents of attacker-selected files from the server filesystem as bitmap images, allowing disclosure of sensitive local files in the context of the osTicket application user. This issue is exploitable in default configurations where guests may create tickets and access ticket status, or where self-registration is enabled.

CVE-2025-26241 enhancesoft vulnerability CVSS: 0 05 May 2025, 16:15 UTC

A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.

CVE-2023-46967 enhancesoft vulnerability CVSS: 0 20 Feb 2024, 21:15 UTC

Cross Site Scripting vulnerability in the sanitize function in Enhancesoft osTicket 1.18.0 allows a remote attacker to escalate privileges via a crafted support ticket.

CVE-2023-27149 enhancesoft vulnerability CVSS: 0 23 Oct 2023, 20:15 UTC

A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list.

CVE-2023-27148 enhancesoft vulnerability CVSS: 0 23 Oct 2023, 20:15 UTC

A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter.

CVE-2021-45811 enhancesoft vulnerability CVSS: 0 08 Sep 2023, 02:15 UTC

A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.

CVE-2023-30082 enhancesoft vulnerability CVSS: 0 14 Jun 2023, 20:15 UTC

A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the website to go down or stop responding. When a long password is entered, this procedure will consume all available CPU and memory.

CVE-2022-31890 enhancesoft vulnerability CVSS: 0 05 Apr 2023, 22:15 UTC

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.

CVE-2022-31889 enhancesoft vulnerability CVSS: 0 05 Apr 2023, 22:15 UTC

Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.

CVE-2022-31888 enhancesoft vulnerability CVSS: 0 05 Apr 2023, 22:15 UTC

Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2.

CVE-2023-1320 enhancesoft vulnerability CVSS: 0 10 Mar 2023, 16:15 UTC

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

CVE-2023-1319 enhancesoft vulnerability CVSS: 0 10 Mar 2023, 16:15 UTC

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

CVE-2023-1318 enhancesoft vulnerability CVSS: 0 10 Mar 2023, 16:15 UTC

Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6.

CVE-2023-1317 enhancesoft vulnerability CVSS: 0 10 Mar 2023, 16:15 UTC

Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.

CVE-2023-1316 enhancesoft vulnerability CVSS: 0 10 Mar 2023, 16:15 UTC

Cross-site Scripting (XSS) - Stored in GitHub repository osticket/osticket prior to v1.16.6.

CVE-2023-1315 enhancesoft vulnerability CVSS: 0 10 Mar 2023, 16:15 UTC

Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6.

CVE-2022-4271 enhancesoft vulnerability CVSS: 0 02 Dec 2022, 16:15 UTC

Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to 1.16.4.

CVE-2022-32074 enhancesoft vulnerability CVSS: 0 13 Jul 2022, 16:15 UTC

A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.

CVE-2021-42235 enhancesoft vulnerability CVSS: 7.5 04 May 2022, 17:15 UTC

SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows attackers to access the osTicket administration profile functionality.

CVE-2020-22609 enhancesoft vulnerability CVSS: 4.3 28 Jun 2021, 19:15 UTC

Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter in include/class.queue.php.

CVE-2020-22608 enhancesoft vulnerability CVSS: 4.3 28 Jun 2021, 19:15 UTC

Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.12.6 via the queue-name parameter to include/ajax.search.php.

CVE-2020-24881 enhancesoft vulnerability CVSS: 7.5 02 Nov 2020, 21:15 UTC

SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning.

CVE-2020-24917 enhancesoft vulnerability CVSS: 4.3 30 Aug 2020, 16:15 UTC

osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php.

CVE-2020-16193 enhancesoft vulnerability CVSS: 3.5 26 Aug 2020, 12:15 UTC

osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.php has an unvalidated echo $info['notes'] call.

CVE-2020-14012 enhancesoft vulnerability CVSS: 3.5 10 Jun 2020, 18:15 UTC

scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Description. The attacker must be an Agent.

CVE-2020-12629 enhancesoft vulnerability CVSS: 3.5 04 May 2020, 13:15 UTC

include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name.

CVE-2019-14750 enhancesoft vulnerability CVSS: 4.3 07 Aug 2019, 17:15 UTC

An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields leads to the execution of those queries. This can further lead to cookie stealing or other malicious actions.

CVE-2019-14749 enhancesoft vulnerability CVSS: 6.8 07 Aug 2019, 17:15 UTC

An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab, and the Issue Summary field in the tickets tab. This allows other agents to download data in a .csv file format or .xls file format. This is used as input for spreadsheet applications such as Excel and OpenOffice Calc, resulting in a situation where cells in the spreadsheets can contain input from an untrusted source. As a result, the end user who is accessing the exported spreadsheet can be affected.

CVE-2019-14748 enhancesoft vulnerability CVSS: 3.5 07 Aug 2019, 17:15 UTC

An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, the output is not handled properly, causing persistent XSS that leads to cookie stealing or malicious actions. For example, a non-agent user can upload a .html file, and Content-Disposition will be set to inline instead of attachment.

CVE-2019-13397 enhancesoft vulnerability CVSS: 4.3 09 Jul 2019, 17:15 UTC

Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker to gain admin privileges by injecting arbitrary web script or HTML via arbitrary file extension while creating a support ticket.

CVE-2019-11537 enhancesoft vulnerability CVSS: 4.3 25 Apr 2019, 19:29 UTC

In osTicket before 1.12, XSS exists via /upload/file.php, /upload/scp/users.php?do=import-users, and /upload/scp/ajax.php/users/import if an agent manager user uploads a crafted .csv file to the User Importer, because file contents can appear in an error message. The XSS can lead to local file inclusion.

CVE-2018-7196 enhancesoft vulnerability CVSS: 4.3 27 Mar 2018, 17:29 UTC

Cross-site scripting (XSS) vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter.

CVE-2018-7195 enhancesoft vulnerability CVSS: 4.3 27 Mar 2018, 17:29 UTC

Enhancesoft osTicket before 1.10.2 allows remote attackers to reset arbitrary passwords (when an associated e-mail address is known) by leveraging guest access and guessing a 6-digit number.

CVE-2018-7194 enhancesoft vulnerability CVSS: 4.0 27 Mar 2018, 17:29 UTC

Integer format vulnerability in the ticket number generator in Enhancesoft osTicket before 1.10.2 allows remote attackers to cause a denial-of-service (preventing the creation of new tickets) via a large number of digits in the ticket number format setting.

CVE-2018-7193 enhancesoft vulnerability CVSS: 4.3 27 Mar 2018, 17:29 UTC

Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "order" parameter.

CVE-2018-7192 enhancesoft vulnerability CVSS: 4.3 27 Mar 2018, 17:29 UTC

Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "message" parameter.

CVE-2015-1347 enhancesoft vulnerability CVSS: 4.3 23 Jan 2015, 15:59 UTC

Cross-site scripting (XSS) vulnerability in client.inc.php in osTicket before 1.9.5.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

CVE-2015-1176 enhancesoft vulnerability CVSS: 4.3 23 Jan 2015, 15:59 UTC

Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action.

CVE-2014-4744 enhancesoft vulnerability CVSS: 4.3 09 Jul 2014, 14:55 UTC

Multiple cross-site scripting (XSS) vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone Number field to open.php or (2) Phone number field, (3) passwd1 field, (4) passwd2 field, or (5) do parameter to account.php.

CVE-2010-4634 enhancesoft vulnerability CVSS: 5.0 30 Dec 2010, 21:00 UTC

Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.php, a different vector than CVE-2005-1439. NOTE: this issue has been disputed by a reliable third party

CVE-2010-0606 enhancesoft vulnerability CVSS: 3.5 11 Feb 2010, 17:30 UTC

Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inject arbitrary web script or HTML via the f parameter, possibly related to an error message generated by scp/admin.php.

CVE-2010-0605 enhancesoft vulnerability CVSS: 7.5 11 Feb 2010, 17:30 UTC

SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter.

CVE-2009-2361 enhancesoft vulnerability CVSS: 7.5 08 Jul 2009, 15:30 UTC

SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter.

CVE-2006-5407 enhancesoft vulnerability CVSS: 7.5 19 Oct 2006, 01:07 UTC

PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.

CVE-2005-1439 enhancesoft vulnerability CVSS: 7.5 03 May 2005, 04:00 UTC

Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter.

CVE-2005-1436 enhancesoft vulnerability CVSS: 6.8 03 May 2005, 04:00 UTC

Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the err parameter to open_submit.php, or (6) the name and subject fields when adding a ticket.