CVE-2026-22194

GestSup versions up to and including 3.2.60 contain a cross-site request forgery CSRF vulnerability where the application does not verify the authenticity of client requests. An attacker can induce a logged-in user to submit crafted requests that perform actions with the victim's privileges. This...

PT-2026-2168

Name of the Vulnerable Software and Affected Versions GestSup versions up to and including 3.2.56 Description GestSup versions up to and including 3.2.56 contain a SQL injection issue in the search bar functionality. User-controlled search input is incorporated into SQL queries without sufficient...

GESTSUP 跨站脚本漏洞

GESTSUP is a software application from the French company GESTSUP. It is 100% web-based SUPport MANAGEMENT software that manages tickets and devices. A cross-site scripting vulnerability exists in GESTSUP 3.2.56 and prior versions, which stems from a flaw in the API error logging functionality th...

PT-2026-2169

Name of the Vulnerable Software and Affected Versions GestSup versions up to and including 3.2.56 Description GestSup versions up to and including 3.2.56 contain a SQL injection issue in the ticket creation functionality. User-controlled input during ticket creation is used in SQL queries without...