SQL Injection in Sergestec Sistick
CVE-2025-41019
SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'id' parameter in '/index.php?view=ticket_detail'.
Vulnerability class: SQL Injection
EPSS: 0.003 (26.6th percentile) — read the EPSS interpretation.
Affected products
- Sergestec Sistick — versions 7.2