Vulnerabilities > Eticket

DATE	CVE	VULNERABILITY TITLE	RISK
2008-11-19	CVE-2008-5165	SQL Injection vulnerability in Eticket 1.5.7 Multiple SQL injection vulnerabilities in eTicket 1.5.7 allow remote attackers to execute arbitrary SQL commands via the pri parameter to (1) index.php, (2) open.php, (3) open_raw.php, and (4) newticket.php. network low complexity eticket CWE-89	7.5
2008-02-01	CVE-2008-0552	Cross-Site Scripting vulnerability in Eticket 1.5.6Rc4 Cross-site scripting (XSS) vulnerability in index.php in eTicket 1.5.6-RC4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. network eticket CWE-79	4.3
2008-01-15	CVE-2008-0268	Cross-Site Scripting vulnerability in Eticket 1.5.5.2 Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter. network eticket CWE-79	4.3
2008-01-15	CVE-2008-0267	SQL Injection vulnerability in Eticket 1.5.5.2 Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (4) msg and (5) password parameters to admin.php. network low complexity eticket CWE-89	7.5
2008-01-15	CVE-2008-0266	Cross-Site Request Forgery (CSRF) vulnerability in Eticket 1.5.5.2 Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administrative tasks. network high complexity eticket CWE-352	2.6
2008-01-08	CVE-2008-0093	Cross-Site Scripting vulnerability in Eticket 1.5.5.2/1.5.6Rc2/1.5.6Rc3 Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in eTicket 1.5.5.2, and 1.5.6 RC2 and RC3, allow remote attackers to inject arbitrary web script or HTML via the (1) Name and (2) Subject parameters. network eticket CWE-79	4.3
2007-06-30	CVE-2007-2801	Cross-Site Scripting vulnerability in Eticket 1.5.5/1.5.5.1 Multiple cross-site scripting (XSS) vulnerabilities in open.php in eTicket 1.5.5 and 1.5.5.1, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) err and (2) warn parameters. network eticket CWE-79	4.3
2007-06-28	CVE-2007-2800	Information Disclosure vulnerability in eTicket index.php in eTicket 1.5.5.1 and earlier allows remote attackers to obtain sensitive information via the (1) name[], (2) email[], (3) phone[], or (4) subject[] parameters, which reveals the installation path in the resulting error messages. network low complexity eticket	5.0

Vulnerabilities > Eticket {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Eticket"}]}

Vulnerabilities > Eticket