Filtered by vendor Sitracker
Subscribe
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-5074 | 1 Sitracker | 1 Support Incident Tracker | 2012-02-02 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to hijack the authentication of administrators for requests that change administrator email, add a new administrator, or insert arbitrary script via (1) user_profile_edit.php or (2) user_add.php. | |||||
| CVE-2011-5071 | 1 Sitracker | 1 Support Incident Tracker | 2012-02-02 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.64 allow remote attackers to execute arbitrary SQL commands via the (1) exc[] parameter to report_marketing.php, (2) selected[] parameter to tasks.php, (3) sites[] parameter to billable_incidents.php, or (4) search_string parameter to search.php. NOTE: some of these details are obtained from third party information. | |||||