6 matches found
Customer Support System 1.0 - Multiple SQL injection Vulnerability
Exploit Title: Customer Support System 1.0 - Multiple SQL injection vulnerabilities Exploit Author: Geraldo Alcantara Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
CVE-2023-50070
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customersupport/ajax.php?action=saveticket via departmentid, customerid, and subject...
Sql injection
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customersupport/ajax.php?action=saveticket via departmentid, customerid, and subject...
Lark Technologies: Sub-Dept User Can Add User's To Main Department.
A vulnerability was found where users with permissions to manage the user section can add others outside of their department by changing the value of "departmentid" to an empty value. We thank @imrannisar for reporting this to our team...
CVE-2008-5056
Cross-site scripting XSS vulnerability in departmentofflinecontext.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to inject arbitrary web script or HTML via the departmentid parameter to index.php...
Cross site scripting
Cross-site scripting XSS vulnerability in departmentofflinecontext.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to inject arbitrary web script or HTML via the departmentid parameter to index.php...