Description
SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter.
Remediation
References
Related Vulnerabilities
OpenVPN AS Resource Management Errors Vulnerability (CVE-2014-8104)
WordPress 4.1.x Possible SQL Injection Vulnerability (4.1 - 4.1.19)
MySQL CVE-2018-3277 Vulnerability (CVE-2018-3277)
WordPress Plugin Easy Gallery Slideshow Cross-Site Scripting (1.1)
WordPress Plugin AdKlick Advertising Management Unspecified Vulnerability (1.1)