CVE Security

high 8.1

28/05/2026

Vulnérabilité high détectée - CVE-2026-48242

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, password, database name) in import_mdb.php. ...

Web

CVE-2026-48242

Lire l'article

medium 5.3

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48243

Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committed to the public source repository. Any ...

Web

CVE-2026-48243

Lire l'article

medium 5.3

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48244

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key ...

Web

CVE-2026-48244

Lire l'article

medium 5.3

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48245

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be...

Web

CVE-2026-48245

Lire l'article

high 7.1

28/05/2026

Vulnérabilité high détectée - CVE-2026-48237

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in message.php where the frm_ticket_id and frm_resp_id POST parameters are conc...

Web

CVE-2026-48237

Lire l'article

high 7.1

28/05/2026

Vulnérabilité high détectée - CVE-2026-48238

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobile_main.php where the id GET parameter is concatenated into the WHE...

Mobile Web

CVE-2026-48238

Lire l'article

high 7.1

28/05/2026

Vulnérabilité high détectée - CVE-2026-48239

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the tick_id POST parameter is concatenated into the W...

Web

CVE-2026-48239

Lire l'article

high 7.1

28/05/2026

Vulnérabilité high détectée - CVE-2026-48233

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php where the offset GET parameter is concatenated into t...

Web

CVE-2026-48233

Lire l'article

high 7.1

28/05/2026

Vulnérabilité high détectée - CVE-2026-48234

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in portal/ajax/list_requests.php where the sort and dir GET parameters are conc...

Web

CVE-2026-48234

Lire l'article

high 8.2

28/05/2026

Vulnérabilité high détectée - CVE-2026-48235

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and...

Web

CVE-2026-48235

Lire l'article

high 7.1

28/05/2026

Vulnérabilité high détectée - CVE-2026-48236

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in db_loader.php where the multiple POST parameters (ticketsdb, ticketshost, ti...

Web

CVE-2026-48236

Lire l'article

medium 5.4

28/05/2026

Vulnérabilité medium détectée - CVE-2026-48227

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient.php that allows authenticated attackers to inject a...

Applications Web

CVE-2026-48227

Lire l'article