Ownticket
Monthly
OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.