13 matches found

Github Security Blog
added 2026/05/15 6:7 p.m., 10 views

SimpleSAMLphp casserver FileSystemTicketStore path traversal allows out-of-ticket-directory read/unserialize and conditional deletion

Summary: simplesamlphp-module-casserver builds file paths for the file-based CAS ticket store by directly concatenating the configured ticket directory with an attacker-controlled ticket identifier. Public CAS validation/proxy endpoints pass attacker-controlled ticket / pgt query parameters into...

5.8 AI score
Exploits: 0, References: 2, Affected Software: 1
RedhatCVE
added 2026/01/07 9:18 a.m., 3 views

CVE-2025-14034

The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'deletesingleticketcallback' and 'changeticketstatuscallback' functions in all versions up to, and including, 1.2.6. This makes it...

5.3 CVSS, 5.2 AI score, 0.00045 EPSS
Exploits: 0, References: 1
NVD
added 2025/11/08 4:15 a.m., 4 views

CVE-2025-7663

The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /class-ovaem-ajax.php file in all versions up to, and including, 1.8.6. This makes it possible for unauthenticated attackers to delete ticket files,...

6.5 CVSS, 0.00135 EPSS
Exploits: 0, References: 2
RedhatCVE
added 2025/05/23 3:20 a.m., 2 views

CVE-2023-24199

Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at deleteticket.php...

9.8 CVSS, 8.4 AI score, 0.0025 EPSS
Exploits: 1, References: 1
OSV
added 2024/08/23 3:15 p.m., 0 views

CVE-2024-42766

Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...

5.4 CVSS, 5.8 AI score
Exploits: 0, References: 2
OSV
added 2024/08/23 3:15 p.m., 0 views

CVE-2024-42764

Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php...

9.4 CVSS, 5.8 AI score, 0.00131 EPSS
Exploits: 1, References: 2
CNNVD
added 2024/08/23 12:0 a.m., 1 views

Kashipara Bus Ticket Reservation System security vulnerability

Kashipara Bus Ticket Reservation System is a bus reservation system from Kashipara. A cross-site request forgery vulnerability exists in Kashipara Bus Ticket Reservation System v1.0, which stems from /deleteTicket.php not adequately verifying that the request comes from a trusted user, and can be...

9.4 CVSS, 6.8 AI score, 0.00131 EPSS
Exploits: 1, References: 3
Positive Technologies
added 2024/08/23 12:0 a.m., 1 views

PT-2024-30136 · Unknown · Kashipara Bus Ticket Reservation System

Name of the Vulnerable Software and Affected Versions: Kashipara Bus Ticket Reservation System version 1.0 0
Description: The issue concerns Incorrect Access Control, allowing unauthorized actions via the "/deleteTicket.php" API endpoint. This enables unauthorized booking deletions due to broken...

5.4 CVSS, 7.1 AI score, 0.00066 EPSS
Exploits: 0, References: 9
Vulnrichment
added 2024/08/23 12:0 a.m., 10 views

CVE-2024-42766

Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php...

6.9 AI score, 0.00066 EPSS
Exploits: 0, References: 2
OSV
added 2023/02/06 3:15 p.m., 0 views

CVE-2023-24199

Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at deleteticket.php...

9.8 CVSS, 7.3 AI score
Exploits: 0, References: 2
CNNVD
added 2023/02/06 12:0 a.m., 1 views

Raffle Draw System SQL injection vulnerability

Raffle Draw System is a simple lottery system by Carlo Montero Personal Developer. A security vulnerability exists in Raffle Draw System that stems from an SQL injection issue in the id parameter of the deleteticket.php page...

9.8 CVSS, 8.6 AI score, 0.0025 EPSS
Exploits: 1, References: 3
OSV
added 2020/03/12 2:15 p.m., 0 views

CVE-2020-10489

CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request...

4.3 CVSS, 5.8 AI score, 0.00147 EPSS
Exploits: 1, References: 2
OSV
added 2013/08/23 4:55 p.m., 1 views

DEBIAN-CVE-2012-4733

Request Tracker RT 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors...

6 CVSS, 8.4 AI score, 0.00567 EPSS
Exploits: 0, References: 1