CVE-2010-0438
EPSS 0.86%otrs2 - SQL injection
發布日:2010/2/9修改日:2026/4/28
描述
Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
受影響套件(2)
- Debian/otrs2from 0, < 2.4.7-1
- Debian/otrs2from 0, < 2.2.7-2lenny3