CVE-2016-5843
CVE-2016-5843
Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/http://www.securityfocus.com/bid/93019