You are here

CVE-2010-0438

Vincent (CVE) Danen's picture
Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Details Source

Mitre

Public Date

2010-02-08 00:00:00

Impact

Low

Bugzilla

CVE-2010-0438 OTRS: Multiple SQL injection flaws in OTRS-Core (OSA-2010-01)

Bugzilla ID

563 486

CVSS Status

draft

Base Score

2.70

Base Metrics

AV:A/AC:L/Au:S/C:N/I:P/A:N