PHP Support Tickets 'page' Parameter Remote PHP Code Execution Vulnerability Network Vulnerability

Summary

PHP Support Tickets is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the affected webserver process. PHP Support Tickets 2.2 is vulnerable other versions may also be affected.

References

http://www.phpsupporttickets.com/index.php
http://www.securityfocus.com/bid/49567

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
Advantech WebAccess Multiple Vulnerabilities
Apache Struts2 Redirection and Security Bypass Vulnerabilities
ASUS RT56U Router Multiple Vulnerabilities
Alcatel-Lucent OmniPCX Enterprise Remote Command Execution Vulnerability

Take action and discover your vulnerabilities