SQL injection vulnerability in submitticket.php in WHMCompleteSolution (WHMCS) 4.2 allows remote malicious users to execute arbitrary SQL commands via the deptid parameter.
whmcs whmcs 4.2