Multiple SQL injection vulnerabilities in the FAQ package 2.x prior to 2.3.6, 4.x prior to 4.0.5, and 5.x prior to 5.0.5 in Open Ticket Request System (OTRS) allow remote malicious users to execute arbitrary SQL commands via crafted search parameters.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
otrs faq 2.3.2 |
||
otrs faq 2.3.3 |
||
otrs faq 2.1.2 |
||
otrs faq 2.1.3 |
||
otrs faq 2.0.6 |
||
otrs faq 2.0.7 |
||
otrs faq 5.0.2 |
||
otrs faq 5.0.1 |
||
otrs faq 2.2.1 |
||
otrs faq 2.2.2 |
||
otrs faq 2.2.3 |
||
otrs faq 2.0.2 |
||
otrs faq 2.0.3 |
||
otrs faq 4.0.1 |
||
otrs faq 4.0.2 |
||
otrs faq 2.3.0 |
||
otrs faq 2.3.1 |
||
otrs faq 2.1.0 |
||
otrs faq 2.1.1 |
||
otrs faq 2.0.4 |
||
otrs faq 2.0.5 |
||
otrs faq 4.0.3 |
||
otrs faq 5.0.3 |
||
otrs faq 2.3.4 |
||
otrs faq 2.2.0 |
||
otrs faq 2.1.4 |
||
otrs faq 2.0.1 |
||
otrs faq 2.0.8 |
||
otrs faq 4.0.0 |
||
otrs faq 5.0.0 |
Vulmon