mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
698 B
698 B
CVE-2009-2361
Description
SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter.
POC
Reference
- http://osticket.com/forums/project.php?issueid=118
- http://osticket.com/forums/project.php?issueid=118
Github
No PoCs found on GitHub currently.