Open ISES Tickets < 3.44.2 SQL Injection via ajax/statistics.php tick

7.1 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Description

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tick_id and f_tick_id POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, or destroy database contents.

Basic Information

ID CVE-2026-48240

Source VulnCheck

Published May 21, 2026 at 17:10

Modified May 21, 2026 at 17:57

Affected Product

Vendor Open ISES

Product Tickets

Affected Versions Open ISES Tickets 0

CWE Classification

CWE-89

References

{
    "lastseen": "",
    "description": "Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tick_id and f_tick_id POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, or destroy database contents.",
    "published": "2026-05-21T17:10:52.447Z",
    "modified": "2026-05-21T17:57:46.749Z",
    "type": "cve",
    "title": "Open ISES Tickets < 3.44.2 SQL Injection via ajax/statistics.php tick_id and f_tick_id Parameters",
    "source": "VulnCheck",
    "references": "https://github.com/openises/tickets/releases/tag/v3.44.2\nhttps://github.com/openises/tickets/commit/ecfeb406a016766cae81c749e14b5145a9f2dbff\nhttps://www.vulncheck.com/advisories/open-ises-tickets-sql-injection-via-ajax-statistics-php-tick-id-and-f-tick-id-parameters",
    "id": "CVE-2026-48240",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Open ISES Tickets 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Tickets",
    "version": "0",
    "vendor": "Open ISES",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Open ISES Tickets < 3.44.2 SQL Injection via ajax/statistics.php tick_id and f_tick_id Parameters_CVE-2026-48240