SQL Injection Vulnerability in osTicket 1.3.1 Beta and Earlier: Remote Code Execution via ticket Variable

SQL Injection Vulnerability in osTicket 1.3.1 Beta and Earlier: Remote Code Execution via ticket Variable

CVE-2005-2153 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable.

Learn more about our Web Application Penetration Testing UK.