Description
SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Best WordPress FAQ Cross-Site Scripting (1.4.8)
WordPress Plugin Augmented reality Unspecified Vulnerability (1.2.0)
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9840)
e107 Other Vulnerability (CVE-2004-2040)
WordPress Plugin Smart Slider 3 Cross-Site Scripting (3.5.0.8)