SQL injection vulnerability in include/class.staff.php in osTicket prior to 1.6 RC5 allows remote malicious users to execute arbitrary SQL commands via the staff username parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
osticket osticket 1.6 |
||
osticket osticket |