Sitracker Support Incident Tracker vulnerabilities
22 known vulnerabilities affecting sitracker/support_incident_tracker.
Total CVEs
22
CISA KEV
0
Public exploits
8
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM17
Vulnerabilities
Page 2 of 2
CVE-2012-2235P4MEDIUMCVSS 4.3≤ 3.65v1.8.00+31 more2012-05-27
CVE-2012-2235 [MEDIUM] CWE-79 CVE-2012-2235: Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows
Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is not properly handled in an error message.
nvd
CVE-2011-5067P4MEDIUMCVSS 4.0v3.652012-01-29
CVE-2011-5067 [MEDIUM] CWE-200 CVE-2011-5067: move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users
move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive information via the file name, which reveals the installation path in an error message.
nvd
← Previous2 / 2