Oretnom23: >> Customer Support System Security Vulnerabilities
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/manage_department.php.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-03-05
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/index.php?page=edit_customer.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-03-05
Customer Support System v1 was discovered to contain a SQL injection vulnerability via the subject parameter at /customer_support/ajax.php?action=save_ticket.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-03-05
A local file inclusion (LFI) in Customer Support System v1 allows attackers to include internal PHP files and gain unauthorized acces via manipulation of the page= parameter at /customer_support/index.php.
CVSS Score
4.9
EPSS Score
0.004
Published
2024-03-01
A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-03-01
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_ticket via department_id, customer_id, and subject.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-12-29
Page 2