6 matches found
CVE-2025-70141
The CVE-2025-70141 issue affects SourceCodester Customer Support System 1.0, where ajax.php’s dispatcher is missing authentication/authorization before invoking administrative methods in admin_class.php based on the action parameter. This allows an unauthenticated remote attacker to perform sensi...
CVE-2023-50071
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customersupport/ajax.php?action=savedepartment via id or name...
CVE-2023-50070
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customersupport/ajax.php?action=saveticket via departmentid, customerid, and subject...
CVE-2023-50071
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customersupport/ajax.php?action=savedepartment via id or name...
CVE-2023-50070
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customersupport/ajax.php?action=saveticket via departmentid, customerid, and subject...
CVE-2023-50070
CVE-2023-50070 affects Sourcecodester Customer Support System 1.0. It reports multiple SQL injection vulnerabilities in the endpoint /customer_support/ajax.php?action=save_ticket, exploitable via the parameters department_id , customer_id , and subject . The consolidated sources describe the vuln...