RSS   Podatności dla 'Ticketly'   RSS

2018-12-13
 
CVE-2018-18923

CWE-89
 

 
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php.

 
 
CVE-2018-18922

CWE-425
 

 
add_user in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/add_user.php POST request.

 


Copyright 2024, cxsecurity.com

 

Back to Top