24 matches found
EUVD-2018-10629
Malware in sbrugna...
EUVD-2018-10630
Malware in sbrugna...
AbiSoft Ticketly SQL Injection Vulnerability
AbiSoft Ticketly is a PHP and MySQL based ticketing software from AbiSoft in the Republic of Guatemala. A SQL injection vulnerability exists in AbiSoft Ticketly version 1.0, which can be exploited by remote attackers to execute arbitrary SQL commands with the help of multiple parameters...
CVE-2018-18922
adduser in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/adduser.php POST request...
Sql injection
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, categoryid and description in action/addproject.php; kindid, priorityid, projectid, statusid and title in action/addticket.php; and kindid and statusid in reports.php...
CVE-2018-18922
adduser in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/adduser.php POST request...
CVE-2018-18923
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, categoryid and description in action/addproject.php; kindid, priorityid, projectid, statusid and title in action/addticket.php; and kindid and statusid in reports.php...
CVE-2018-18923
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, categoryid and description in action/addproject.php; kindid, priorityid, projectid, statusid and title in action/addticket.php; and kindid and statusid in reports.php...
Cross site request forgery (csrf)
adduser in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/adduser.php POST request...
CVE-2018-18922
adduser in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/adduser.php POST request...
CVE-2018-18923
CVE-2018-18923 is an authenticated SQL Injection issue affecting AbiSoft Ticketly 1.0. Concrete details across connected records show injections in multiple endpoints: action/addproject.php (name, category_id, description), action/addticket.php (kind_id, priority_id, project_id, status_id, title)...
CVE-2018-18922
CVE-2018-18922 affects AbiSoft Ticketly 1.0. A POST to /action/add_user.php without authentication lets remote attackers create administrator accounts, enabling privilege escalation. Public references document PoCs and exploits (e.g., Exploit-DB entry 45892; other sources). The available data con...
CVE-2018-18923
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, categoryid and description in action/addproject.php; kindid, priorityid, projectid, statusid and title in action/addticket.php; and kindid and statusid in reports.php...
Ticketly 1.0 - kind_id SQL Injection
Ticketly 1.0 - kindid SQL Injection Exploit Title: Ticketly 1.0 – Multiple SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...
Ticketly 1.0 - kind_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Ticketly 1.0 – Multiple SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...
Ticketly 1.0 - 'kind_id' SQL Injection
Exploit Title: Ticketly 1.0 – Multiple SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql Affected Version:...
Ticketly 1.0 - name SQL Injection
Ticketly 1.0 - name SQL Injection Exploit Title: Ticketly 1.0 – 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...
Ticketly 1.0 - name SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Ticketly 1.0 – 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql...
Ticketly 1.0 - 'name' SQL Injection
Exploit Title: Ticketly 1.0 – 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql Affected Version: 1...
Ticketly 1.0 SQL Injection
Exploit Title: Ticketly 1.0 a 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql Affected Version: 1...