159 matches found
CVE-2026-48248
Open ISES Tickets before 3.44.2 disables TLS certificate verification in incs/login.inc.php by setting CURLOPTSSLVERIFYPEER to false and not setting CURLOPTSSLVERIFYHOST when issuing outbound HTTPS requests issued during the login/authentication flow. An attacker positioned on the network path...
CVE-2026-48242
Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials host, username, password, database name in importmdb.php. The credentials are embedded in source code committed to the public repository, allowing any reader of the source to obtain valid configuration values...
CVE-2026-48245
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...
CVE-2026-48237
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in message.php where the frmticketid and frmrespid POST parameters are concatenated into WHERE clauses of SELECT/UPDATE statements without sanitization. Authenticated attackers can craft requests that alter query semantics to...
CVE-2026-48236
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in dbloader.php where the multiple POST parameters ticketsdb, ticketshost, ticketsuser, ticketspassword are concatenated into mysqli connection arguments and dynamic SQL operating against an attacker-controlled database withou...
CVE-2026-48238
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobilemain.php where the id GET parameter is concatenated into the WHERE clause of a SELECT statement used as a ticket-existence sanity check without sanitization. Authenticated attackers can craft requests that alter...
CVE-2026-48235
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses InstaMapper and Google Latitude integration are concatenated into...
CVE-2026-48239
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the tickid POST parameter is concatenated into the WHERE clause of SELECT statements in the incidents summary report without sanitization. Authenticated attackers can craft requests that alter query...
CVE-2026-48234
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in portal/ajax/listrequests.php where the sort and dir GET parameters are concatenated into the ORDER BY clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics ...
CVE-2026-48230
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ticketsmdbimport.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the multiple POST parameters mdbhost, mdbdb, mdbuser, mdbpassword, mdbprefix,...
CVE-2026-48229
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routesi.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticketid GET parameter directly into HTML form hidden input value attributes...
CVE-2026-48228
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patientw.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the id and ticketid GET parameters directly into an HTML form action URL. Attackers ca...
CVE-2026-48225
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in landb.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the type POST parameter directly into an HTML form hidden input value attribute. Attacker...
CVE-2026-48218
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in icons/buttons/landb.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmname and frmid POST parameters directly into rendered HTML content a...
CVE-2026-48221
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics205a.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmaddstr POST parameter directly into an HTML form hidden input value attribute...
CVE-2026-48219
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics202.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmaddstr POST parameter directly into an HTML form hidden input value attribute...
CVE-2026-48222
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics213.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmaddstr POST parameter directly into an HTML form hidden input value attribute...
CVE-2026-48224
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics214.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmaddstr POST parameter directly into an HTML form hidden input value attribute...
CVE-2026-48216
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in dbloader.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the multiple POST parameters ticketshost, ticketsdb, ticketsuser, ticketspassword,...
CVE-2026-48217
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in deletemodule.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the multiple POST parameters modulechoice, flag, confirmation directly into render...