What is CVE-2021-45811?

CVE-2021-45811 is a vulnerability in N/a. Published 2023-09-08.

Is CVE-2021-45811 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-45811

A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.

EPSS: 0.631 (98.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cve-scores
cyb3r-w0lf/nuclei-template-collection

References

osticket.com
enhancesoft.com
members.backbox.org/osticket-sql-injection/

Frequently asked questions

What is CVE-2021-45811?: CVE-2021-45811 is a vulnerability in N/a. Published 2023-09-08.
Is CVE-2021-45811 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.