NuytsTech Security

CVE-2008-5165

by ·

Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to (1) index.php, (2) open.php, (3) open_raw.php, and (4) newticket.php.

Date published : 2008-11-19

http://www.securityfocus.com/bid/29973

http://www.eticketsupport.com/announcements/170_is_in_the_building-t91.0.html

Tags: