CVE-2020-15308 – Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL in …

Vuln ID: CVE-2020-15308

Published:  2020-06-26  11:15:14Z

Description: Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter.

Source: NVD.NIST.GOV

 

Tags