CVE-2016-5843

Published: Sep 17, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/

x_refsource_CONFIRM

93019

vdb-entry

x_refsource_BID

https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3

x_refsource_CONFIRM

https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557

x_refsource_CONFIRM

https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-5843

Description

Affected Products

References