geraldoalcantara/CVE-2023-50070

Releases0

Stars2

Multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_ticket in Customer Support System 1.0 allow authenticated attackers to execute arbitrary SQL commands via department_id, customer_id and subject.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-50070 ↗	Dec 29, 2023Friday, 29 December 2023, 22:15	8.8 HIGH	—
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_ticket via department_id, customer_id, and subject.