2 matches found
CVE-2023-49970
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the subject parameter at /customersupport/ajax.php?action=saveticket...
CVE-2023-49970
Affected software: Customer Support System v1. The vulnerability is a SQL injection in the subject parameter of /customer_support/ajax.php?action=save_ticket. Root cause: lack of validation of externally-entered SQL statements via the subject parameter. Impact: high confidentiality, integrity, an...