4 matches found
Exploit for SQL Injection in Devcode Openstamanager
CVE-2025-69214: OpenSTAManager has a SQL Injection in ajaxsel...
CVE-2025-69214
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection vulnerability exists in the ajaxselect.php endpoint when handling the componenti operation. An authenticated attacker can inject malicious SQL code through the...
CVE-2025-69214 OpenSTAManager has a SQL Injection in ajax_select.php (componenti endpoint)
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, an SQL Injection vulnerability exists in the ajaxselect.php endpoint when handling the componenti operation. An authenticated attacker can inject malicious SQL code through the...
SQL Injection
Overview devcode-it/openstamanager is a management software for technical assistance and electronic invoicing Affected versions of this package are vulnerable to SQL Injection via the ajaxselect.php page when handling the componenti operation. An attacker can access, extract, or modify database...