**CVE-2009-4372: AlienVault OSSIM**
**Name of the Vulnerable Software and Affected Versions**
AlienVault Open Source Security Information Management (OSSIM) versions prior to 2.1.5-4
**Description**
The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the `uniqueid` parameter passed to API endpoints in the `sem/` directory, namely `wcl.php`, `storage_graphs.php`, `storage_graphs2.php`, `storage_graphs3.php`, and `storage_graphs4.php`. The parameter value reaches a shell command without adequate validation or escaping, so characters that the shell interprets specially are enough to inject additional commands.
**Recommendations**
For AlienVault Open Source Security Information Management (OSSIM) versions prior to 2.1.5-4, update to version 2.1.5-4 or later, which resolves the issue. As a temporary workaround, restrict access to the vulnerable API endpoints in the `sem/` directory to minimize the risk of exploitation. Avoid using the `uniqueid` parameter in the affected API endpoints until the issue is resolved.
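Until the upgrade is in place, defenders will want to know whether the affected `sem/` scripts are being probed. The following is an added example, not code from the AlienVault project or from this advisory: a small scanner for Apache-style access log lines that flags requests to the listed scripts whose `uniqueid` value falls outside a strict allowlist (alphanumerics, `-`, `_`). The allowlist, the `/ossim/` web-root prefix, and the log lines themselves are constructed assumptions for the example; percent-encoded values are decoded before the check so that an encoded metacharacter is not missed.

```python
"""
Log-based detection for the OSSIM sem/ command-injection issue (CVE-2009-4372).
Added example, not AlienVault code. Scans Apache combined-format access log
lines and reports requests to the affected sem/ scripts whose `uniqueid`
parameter contains characters outside a strict allowlist.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Scripts named in the advisory; the web-root prefix used in the samples
# below (/ossim/) is an assumption for this example.
AFFECTED_SCRIPTS = {
    "wcl.php",
    "storage_graphs.php",
    "storage_graphs2.php",
    "storage_graphs3.php",
    "storage_graphs4.php",
}

# Assumed shape of a legitimate uniqueid: alphanumerics, '-' and '_' only.
# Anything else (shell metacharacters included) is treated as suspicious.
UNIQUEID_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")

# Apache combined log format: client, identity, user, [timestamp],
# "METHOD target PROTOCOL", status, size (trailing fields are ignored).
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+'
)


def is_safe_uniqueid(value: str) -> bool:
    """Return True only if the value matches the strict allowlist."""
    return UNIQUEID_RE.fullmatch(value) is not None


def inspect_request(target: str):
    """
    Return a finding dict when the request targets an affected sem/ script
    with a uniqueid that fails the allowlist; otherwise return None.
    """
    parts = urlsplit(target)
    path = unquote(parts.path)
    script = path.rsplit("/", 1)[-1]
    if "/sem/" not in path or script not in AFFECTED_SCRIPTS:
        return None
    # parse_qs percent-decodes values, so ';' sent as %3B is still examined.
    params = parse_qs(parts.query, keep_blank_values=True)
    for value in params.get("uniqueid", []):
        if not is_safe_uniqueid(value):
            return {"script": script, "uniqueid": value}
    return None


def scan_log(lines):
    """Parse each log line and collect findings for suspicious sem/ requests."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        finding = inspect_request(m.group("target"))
        if finding:
            finding.update(client=m.group("client"), ts=m.group("ts"),
                           status=m.group("status"))
            findings.append(finding)
    return findings


# Constructed sample log lines for this example (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [10/Dec/2009:14:02:11 +0000] "GET /ossim/sem/storage_graphs.php?uniqueid=host-01 HTTP/1.1" 200 5120',
    '10.0.0.9 - - [10/Dec/2009:14:02:15 +0000] "GET /ossim/sem/wcl.php?uniqueid=1%3Bid HTTP/1.1" 200 311',
    '10.0.0.9 - - [10/Dec/2009:14:02:20 +0000] "GET /ossim/sem/storage_graphs3.php?uniqueid=x%7Ctrue HTTP/1.1" 200 40',
    '10.0.0.7 - - [10/Dec/2009:14:03:01 +0000] "GET /ossim/index.php?uniqueid=x;y HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['client']} -> sem/{f['script']} "
              f"uniqueid={f['uniqueid']!r} (HTTP {f['status']})")
```

Run against the constructed sample, the scanner reports the two requests to `wcl.php` and `storage_graphs3.php` and ignores both the well-formed `uniqueid` and the request outside `sem/`. The same allowlist is the shape of check the application itself should apply before the value ever reaches a shell; an access-control rule on the `sem/` directory, as the advisory recommends, is still the immediate mitigation.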