Eticket : Security Vulnerabilities, CVEs, Published In 2008 (CSRF)
Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administrative tasks. NOTE: either the old password must be known, or the attacker must leverage a separate SQL injection vulnerability.
Max CVSS
2.6
EPSS Score
1.50%
Published
2008-01-15
Updated
2018-10-15
1 vulnerabilities found