Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote malicious users to execute arbitrary SQL commands via the (1) subcat, (2) rate, (3) questiondetails, (4) ticketkey22, (5) email22 parameters to index.php, or (6) the e-mail field of the Forgot Key feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kayako esupport 2.1.2 |
||
kayako esupport 2.1.8 |
||
kayako esupport 2.3 |
||
kayako esupport 2.2 |
||
kayako esupport 2.2.5 |