SQL injection vulnerability in search.php in PHP Ticket 0.71 allows remote authenticated users to execute arbitrary SQL commands and obtain usernames and passwords via the frm_search_in parameter.
CPE | Name | Operator | Version |
---|---|---|---|
php_ticket | eq | 0.6 | |
php_ticket | le | 0.71 | |
php_ticket | eq | 0.5 |