Security Advisory

CVE-2023-53935

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-18 19:53:32

Last updated 2026-04-07 14:07:54

Assigner VulnCheck

State PUBLISHED

Description

WBiz Desk 1.2 contains a SQL injection vulnerability that allows non-admin users to manipulate database queries through the tk parameter in ticket.php. Attackers can inject crafted SQL statements using UNION-based techniques to extract sensitive database information by sending malformed requests to the ticket endpoint.

← Browse all CVEs View on cve.org ↗