Eval injection vulnerability in config.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated administrators to execute arbitrary PHP code via the application_name parameter in a save action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sitracker support incident tracker 3.65 |