SQL Injection in Sergestec Sistick

CVE-2025-41019

SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'id' parameter in '/index.php?view=ticket_detail'.

Vulnerability class: SQL Injection

EPSS: 0.003 (26.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References