exploitDog

GHSA-pcmp-g22v-hjp8

Опубликовано: 16 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 9.3

Описание

SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'id' parameter in '/index.php?view=ticket_detail'.

SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'id' parameter in '/index.php?view=ticket_detail'.

Ссылки

EPSS

Процентиль: 14%

0.00045

Низкий

9.3 Critical

CVSS4

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-41019

nvd

4 месяца назад

SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'id' parameter in '/index.php?view=ticket_detail'.

EPSS

Процентиль: 14%

0.00045

Низкий

9.3 Critical

CVSS4

CVE ID

Дефекты

CWE-89