Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/05/21 5:10 p.m.48 views

CVE-2026-48240 Open ISES Tickets < 3.44.2 SQL Injection via ajax/statistics.php tick_id and f_tick_id Parameters

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...

7.1CVSS0.00218EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 5:10 p.m.13 views

EUVD-2026-31322

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...

7.1CVSS5.9AI score0.00218EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.21 views

tickets SQL注入漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a SQL injection vulnerability. This vulnerability stemmed from the fact that the POST parameters tickid and ftickid were directly concatenated into the...

7.1CVSS5.9AI score0.00218EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/07/30 12:0 a.m.7 views

PT-2021-20596 · Sendgrid · Wordpress Sender Plugin

Name of the Vulnerable Software and Affected Versions: SendGrid WordPress plugin versions up to and including 1.11.8 Description: The issue allows authenticated users to bypass authorization and export statistics for a WordPress multi-site main site. This is possible due to a vulnerability in the...

4.3CVSS4.3AI score0.00698EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2021/07/21 12:0 a.m.8 views

VulnCheck KEV: CVE-2021-34629

The SendGrid WordPress plugin is vulnerable to authorization bypass via the getajaxstatistics function found in the /lib/class-sendgrid-statistics.php file which allows authenticated users to export statistic for a WordPress multi-site main site, in versions up to and including 1.11.8...

4.3CVSS5.7AI score0.00698EPSS
Exploits1References1
Rows per page
Query Builder