Количество 2
Количество 2
CVE-2025-69213
OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, a SQL Injection vulnerability exists in the ajax_complete.php endpoint when handling the get_sedi operation. An authenticated attacker can inject malicious SQL code through the idanagrafica parameter, leading to unauthorized database access. At time of publication, no known patch exists.
GHSA-w995-ff8h-rppg
OpenSTAManager has a SQL Injection in ajax_complete.php (get_sedi endpoint)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-69213 OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, a SQL Injection vulnerability exists in the ajax_complete.php endpoint when handling the get_sedi operation. An authenticated attacker can inject malicious SQL code through the idanagrafica parameter, leading to unauthorized database access. At time of publication, no known patch exists. | 0% Низкий | 4 дня назад | |
| GHSA-w995-ff8h-rppg OpenSTAManager has a SQL Injection in ajax_complete.php (get_sedi endpoint) | 0% Низкий | 5 дней назад |
Уязвимостей на страницу