13 matches found
EUVD-2022-51292
Malicious code in bioql PyPI...
CVE-2022-48596
A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
ScienceLogic SL1 SQL Injection Vulnerability (CNVD-2023-66423)
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
CVE-2022-48596
A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48596
A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
Sql injection
A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user-controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48596
A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
CVE-2022-48596
A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database...
ScienceLogic SL1 SQL注入漏洞
ScienceLogic SL1 is an application from ScienceLogic, Inc. Connect your real estate together to automate multidirectional data flow and workflow. A SQL injection vulnerability exists in ScienceLogic SL1 11.1.2 and earlier versions, which stems from a lack of validation of externally entered SQL...
PT-2023-15868 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 affected versions not specified Description: A SQL injection issue exists in the "ticket queue watchers" feature of the ScienceLogic SL1. This feature takes unsanitized user-controlled input and passes it directly to a SQL...
osTicket 1.14.1 - (Ticket Queue) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting Exploit Author: Matthew Aberegg Vendor Homepage: https://osticket.com Patch Link:...
osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting
Exploit Title: osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting Date: 2020-05-26 Exploit Author: Matthew Aberegg Vendor Homepage: https://osticket.com Patch Link: https://github.com/osTicket/osTicket/commit/6c724ea3fe352d10d457d334dc054ef81917fde1 Version: osTicket 1.14.1 Tested o...
DEBIAN-CVE-2010-4763
The ACL-customer-status Ticket Type setting in Open Ticket Request System OTRS before 3.0.0-beta1 does not restrict the ticket options after an AJAX reload, which allows remote authenticated users to bypass intended ACL restrictions on the 1 Status, 2 Service, and 3 Queue via selections...