CVE-2016-5843

Publication date

2016-09-17 01:00:00

Family

mitre

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.