Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
GestSup versions prior to 3.2.60 contain a SQL injection vulnerability in ticket creation functionality. User-controlled input provided during ticket creation is incorporated into SQL queries without
GestSup versions prior to 3.2.60 contain a SQL injection vulnerability in the search bar functionality. User-controlled search input is incorporated into SQL queries without sufficient neutralization,
GestSup versions prior to 3.2.60 contain multiple SQL injection vulnerabilities in the asset list functionality. Multiple request parameters used to filter, search, or sort assets are incorporated int
An issue was discovered in Centreon centreon-open-tickets 24.10.x before 24.10.0, 24.04.x before 24.04.2, 23.10.x before 23.10.1, 23.04.x before 23.04.3, and 22.10.x before 22.10.2. SQL injection can
A security vulnerability has been detected in SourceCodester Train Station Ticketing System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_ticket. Such man
GestSup versions prior to 3.2.60 contain a pre-authentication stored cross-site scripting (XSS) vulnerability in the API error logging functionality. By sending an API request with a crafted X-API-KEY
A vulnerability, which was classified as critical, has been found in PHPGurukul Park Ticketing Management System 2.0. This issue affects some unknown processing of the file /view-normal-ticket.php. Th
A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parame
CVE-2025-45017
CRITICAL CVSS 9.8
Find Similar
A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary code via the tprice
A SQL injection vulnerability was discovered in /add-foreigners-ticket.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary cod
A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/proc
A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been classified as critical. This affects an unknown part of the file /view-foreigner-ticket.php. The manipulation
The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ticket_id parameter.
A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /foreigner-search.php. The manipulat
CVE-2025-2812
CRITICAL CVSS 9.8
Find Similar
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection. This issue affects Ticket
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issu
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in db_loader.php where the multiple POST parameters (ticketsdb, ticketshost, ticketsuser, ticketspassword) are concatenated into
A vulnerability, which was classified as critical, has been found in itsourcecode Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file checkout_ticket_save.p
CVE-2024-54811
CRITICAL CVSS 9.8
Find Similar
A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "login" parameter.
Page 1+ Next →