|
4931
|
7.1 |
HIGH
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in tables.php where the multiple POST parameters (tablename, indexname, sortby) are concatenated into table/column identifiers i…
|
CWE-89
SQL Injection
|
CVE-2026-48231
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4932
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ticketsmdb_import.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsan…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48230
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4933
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routes_i.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized va…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48229
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4934
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient_w.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized v…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48228
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4935
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized val…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48227
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4936
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in os_watch.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized va…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48226
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4937
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in landb.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48225
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4938
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics214.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized valu…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48224
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4939
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics213rr.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized va…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48223
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4940
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics213.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized valu…
|
CWE-79
Cross-site Scripting
|
CVE-2026-48222
|
2026-05-22 03:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
