Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
turnkeylinux support incident tracker 3.67 |