CVE-2020-15308

2020-06-2610:15:11

mitre

www.cve.org

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

39.2%

JSON

Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter.

References

code610.blogspot.com/2020/06/postauth-sqli-in-sitracker-v367-p2.html