6 matches found
Sql injection
SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewticket action...
CVE-2009-2639
SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewticket action...
CVE-2009-2639
CVE-2009-2639 affects MRCGIGUY The Ticket System 2.0 (admin.php) where the viewticket action vulnerable to SQL injection via the id parameter. Root cause is unsafely concatenated SQL in the vulnerable endpoint, enabling remote arbitrary SQL execution. Consequences described are arbitrary SQL comm...
CVE-2009-2080
CVE-2009-2080 concerns admin.php in MRCGIGUY The Ticket System 2.0. The vulnerability is a failure to properly restrict access, enabling remote attackers to (1) obtain sensitive configuration information via the editconfig action and (2) change the administrator’s password via the id parameter in...
MRCGIGUY The Ticket System 2.0 - Insecure Cookie Handling
MRCGIGUY The Ticket System 2.0 - Insecure Cookie Handling --------------------------------------------------------------- --------------------------------------------------------------- The Ticket System / The Ticket System PHP Version 2.0 Insecure Cookie Handling Vulnerability...
MRCGIGUY The Ticket System 2.0 Insecure Cookie Handling Vuln
Exploit for unknown platform in category web applications...