CVE-2026-48240 | openises Tickets up to 3.44.1 SELECT Statement ajax/statistics.php tick_id sql injection

Inserito da Angelo Barbosa | Mag 21, 2026 | CVE

A vulnerability, which was classified as critical, has been found in openises Tickets up to 3.44.1. Impacted is an unknown function of the file ajax/statistics.php of the component SELECT Statement Handler. The manipulation of the argument tick_id leads to sql injection.

This vulnerability is documented as CVE-2026-48240. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-48240 | openises Tickets up to 3.44.1 SELECT Statement ajax/statistics.php tick_id sql injection

Post correlati

CVE-2026-2705 | Open Babel up to 3.1.1 MOL2 File include/openbabel/atom.h OBAtom::SetFormalCharge out-of-bounds (Issue 2848)

CVE-2024-37164 | cvat-ai cvat up to 2.14.2 server-side request forgery

CVE-2024-40552 | Sanluan PublicCMS 4.0.202302.e ScriptComponent.java cmdarray Privilege Escalation

CVE-2025-68836 | Table of Contents Creator Plugin up to 1.6.4.1 on WordPress cross site scripting