3 matches found
CVE-2008-5165
Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to 1 index.php, 2 open.php, 3 openraw.php, and 4 newticket.php...
Sql injection
Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to 1 index.php, 2 open.php, 3 openraw.php, and 4 newticket.php...
CVE-2008-5165
CVE-2008-5165 affects eTicket 1.5.7, with multiple SQL injection vulnerabilities exposed via the pri parameter to index.php, open.php, open_raw.php, and newticket.php. The root cause is unparameterized SQL handling in these PHP entry points, enabling remote attackers to modify or exfiltrate data ...