| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-0267 | 7.5 |
Multiple SQL injection vulnerabilities in eTicket 1.5.5.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) status, (2) sort, and (3) way parameters to search.php; and allow remote authenticated administrators to execute
|
15-10-2018 - 21:58 | 15-01-2008 - 20:00 | |
| CVE-2008-0266 | 2.6 |
Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administrative tasks. NOTE: either the old password must be known, or the attack
|
15-10-2018 - 21:58 | 15-01-2008 - 20:00 | |
| CVE-2008-0268 | 4.3 |
Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
|
15-10-2018 - 21:58 | 15-01-2008 - 20:00 | |
| CVE-2008-0093 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in eTicket 1.5.5.2, and 1.5.6 RC2 and RC3, allow remote attackers to inject arbitrary web script or HTML via the (1) Name and (2) Subject parameters.
|
08-08-2017 - 01:29 | 08-01-2008 - 01:46 |