Lucene search

K

Support Incident Tracker (SiT!) 3.63 p1 - search.php?search_string SQL Injection

๐Ÿ—“๏ธย 26 Jul 2011ย 00:00:00Reported byย Yuri GoltsevTypeย 
exploitpack
ย exploitpack
๐Ÿ‘ย 15ย Views

Support Incident Tracker 3.63p1 SQL Injection Vulnerabilit

Show more
Code
source: https://www.securityfocus.com/bid/48896/info
  
Support Incident Tracker is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query.
  
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
  
Support Incident Tracker 3.63p1 is vulnerable; other versions may also be affected. 

http://www.example.com/sit/search.php?search_string=1' union select 1,version()

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
26 Jul 2011 00:00Current
0.1Low risk
Vulners AI Score0.1
15
.json
Report