CVE-2006-5407
PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the
CVSS
7.5
No CVSS
EPSS
1.4%
p69
KEV
—
Exploit Today
21
0-100
Published: Oct 19, 2006 · Last modified: Jul 10, 2026
1.4%EPSS · 30 days1.4%
2026-06-302026-07-16
PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.
- securityreason.comhttp://securityreason.com/securityalert/1745
- www.securityfocus.comhttp://www.securityfocus.com/archive/1/448687/100/0/threaded
- exchange.xforce.ibmcloud.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/29577
- securityreason.comhttp://securityreason.com/securityalert/1745
- www.securityfocus.comhttp://www.securityfocus.com/archive/1/448687/100/0/threaded
- exchange.xforce.ibmcloud.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/29577
No related CVEs by CWE or product.