CVE-2020-15308

Support Incident Tracker (SiT!/SiTracker) 3.67 p2 has a post-authentication SQL injection vulnerability exposed via: site_edit.php (typeid or site), search_incidents_advanced.php (search_title), and report_qbe.php (criteriafield). Connected documents confirm the CVE-2020-15308 details and associa...