Vulnerability CVE-2021-45811
Published: 2023-09-08

Description:
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.

 References:
http://enhancesoft.com
https://members.backbox.org/osticket-sql-injection/
http://osticket.com
Copyright 2026, cxsecurity.com

 

Back to Top