Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics202.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics213rr.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized val
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in delete_module.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitize
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in icons/buttons/landb.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsa
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics205.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics205a.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized valu
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in search.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in os_watch.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized val
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobile_main.php where the id GET parameter is concatenated into the WHERE clause of a SELECT statement used as a ticket-e
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in db_loader.php where the multiple POST parameters (ticketsdb, ticketshost, ticketsuser, ticketspassword) are concatenated into
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in message.php where the frm_ticket_id and frm_resp_id POST parameters are concatenated into WHERE clauses of SELECT/UPDATE state
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ticket_id parameter.
The Event Tickets with Ticket Scanner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameters in all versions up to, and including, 2.4.4 due to insufficient input
A security vulnerability has been detected in SourceCodester Train Station Ticketing System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_ticket. Such man
A vulnerability was determined in SourceCodester Simple Customer Relationship Management System 1.0. This issue affects some unknown processing of the file /create-ticket.php of the component Create T
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the tick_id POST parameter is concatenated into the WHERE clause of SELECT statements in the incidents
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the ticket subject field that allows authenticated staff members to inject malicious JavaScript by manipulating the e
A Cross-Site Scripting (XSS) vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. The vulnerability allows remote attacke
A HTML Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in tables.php where the multiple POST parameters (tablename, indexname, sortby) are concatenated into table/column identifiers in