1 results (0.003 seconds)
CVSS: 9.4EPSS: 0%CPEs: 30EXPL: 0
CVSS: 9.4EPSS: 0%CPEs: 30EXPL: 0CVE-2016-5843
https://notcve.org/view.php?id=CVE-2016-5843
17 Sep 2016 — Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters. Múltiples vulnerabilidades de inyección SQL en el paquete FAQ 2.x en versiones anteriores a 2.3.6, 4.x en versiones anteriores a 4.0.5 y 5.x en versiones anteriores a 5.0.5 en Open Ticket Request System (OTRS) permiten a atacantes remotos ejecutar comandos SQL arbitrarios... • http://www.securityfocus.com/bid/93019 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •