CVE-2026-48216 | openises Tickets up to 3.44.1 db_loader.php cross site scripting

Inserito da Angelo Barbosa | Mag 21, 2026 | CVE

A vulnerability, which was classified as problematic, was found in openises Tickets up to 3.44.1. The affected element is an unknown function of the file db_loader.php. The manipulation of the argument ticketshost/ticketsdb/ticketsuser/ticketspassword/ticketsprefix/db_schema results in cross site scripting.

This vulnerability is reported as CVE-2026-48216. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-48216 | openises Tickets up to 3.44.1 db_loader.php cross site scripting

Post correlati

CVE-2024-52947 | LemonLDAP::NG up to 2.20.0 Upgrade Session Plugin cross site scripting (Issue 3257)

CVE-2024-42422 | Dell NetWorker authorization (dsa-2024-478)

CVE-2022-48766 | Linux Kernel up to 5.16.4 on FPU AMD Display dcn301_calculate_wm_and_dlg denial of service (456ba2433844/25f1488bdbba)

CVE-2025-8188 | Campcodes Courier Management System 1.0 /edit_staff.php ID sql injection