Known Vulnerabilities for products from Sitracker
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Sitracker".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-20223 | In Support Incident Tracker (SiT!) 3.67, the id parameter is affected by XSS on all endpoints that use this parameter, a rela... | 6.1 - MEDIUM | 2020-01-02 | 2020-01-03 |
| CVE-2019-20222 | In Support Incident Tracker (SiT!) 3.67, the Short Application Name and Application Name inputs in the config.php page are af... | 6.1 - MEDIUM | 2020-01-02 | 2020-01-03 |
| CVE-2019-20221 | In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, fo... | 6.1 - MEDIUM | 2020-01-02 | 2020-01-03 |
| CVE-2019-20220 | In Support Incident Tracker (SiT!) 3.67, the search_id parameter in the search_incidents_advanced.php page is affected by XSS... | 6.1 - MEDIUM | 2020-01-02 | 2020-01-03 |
| CVE-2012-2235 | Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to injec... | 4.3 - MEDIUM | 2012-05-27 | 2012-05-28 |
| CVE-2011-5075 | translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to obtain sensitive informatio... | 5 - MEDIUM | 2012-01-29 | 2012-02-02 |
| CVE-2011-5074 | Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote at... | 6.8 - MEDIUM | 2012-01-29 | 2012-02-02 |
| CVE-2011-5073 | Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers... | 4.3 - MEDIUM | 2012-01-29 | 2012-02-02 |
| CVE-2011-5072 | Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to execute a... | 7.5 - HIGH | 2012-01-29 | 2012-02-02 |
| CVE-2011-5071 | Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.64 allow remote attackers to execute a... | 7.5 - HIGH | 2012-01-29 | 2012-02-02 |
| CVE-2011-5070 | Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allow remote attackers to inj... | 4.3 - MEDIUM | 2012-01-29 | 2017-08-29 |
| CVE-2011-5069 | Unrestricted file upload vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote ... | 6 - MEDIUM | 2012-01-29 | 2017-08-29 |
| CVE-2011-5068 | Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allow remote attackers... | 6.8 - MEDIUM | 2012-01-29 | 2017-08-29 |
| CVE-2011-5067 | move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive info... | 4 - MEDIUM | 2012-01-29 | 2012-10-12 |
| CVE-2011-4337 | Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote a... | 7.5 - HIGH | 2012-01-29 | 2012-02-02 |
| CVE-2011-3833 | Unrestricted file upload vulnerability in ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authe... | 6 - MEDIUM | 2012-01-29 | 2017-08-29 |
| CVE-2011-3832 | Eval injection vulnerability in config.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated administra... | 6.5 - MEDIUM | 2012-01-29 | 2017-08-29 |
| CVE-2011-3831 | SQL injection vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers t... | 7.5 - HIGH | 2012-01-29 | 2017-08-29 |
| CVE-2011-3830 | Cross-site scripting (XSS) vulnerability in search.php in Support Incident Tracker (aka SiT!) 3.65 allows remote attackers to... | 4.3 - MEDIUM | 2012-01-29 | 2017-08-29 |
| CVE-2011-3829 | ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive informa... | 4 - MEDIUM | 2012-01-29 | 2017-08-29 |
Known software with vulnerabilities from Sitracker
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sitracker | Support Incident Tracker | 1.8.00 |