Product:

Customer_support_system

(Oretnom23)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 4
Date Id Summary Products Score Patch Annotated
2024-03-21 CVE-2023-49978 Incorrect access control in Customer Support System v1 allows non-administrator users to access administrative pages and execute actions reserved for administrators. Customer_support_system 8.8
2024-03-06 CVE-2023-49971 A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customer_support/index.php?page=customer_list. Customer_support_system 6.1
2024-03-06 CVE-2023-49973 A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customer_support/index.php?page=customer_list. Customer_support_system 6.1
2023-12-29 CVE-2023-50070 Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_ticket via department_id, customer_id, and subject. Customer_support_system 8.8