Open Ises
37 CVEsCVE IDSeverityProduct / summaryPublished
CVE-2026-48213
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add.php that allows…
2026-05-21
CVE-2026-48214
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in add_nm.php that all…
2026-05-21
CVE-2026-48215
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in circle.php that all…
2026-05-21
CVE-2026-48216
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in db_loader.php that …
2026-05-21
CVE-2026-48217
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in delete_module.php t…
2026-05-21
CVE-2026-48218
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in icons/buttons/landb…
2026-05-21
CVE-2026-48219
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics202.php that all…
2026-05-21
CVE-2026-48220
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics205.php that all…
2026-05-21
CVE-2026-48221
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics205a.php that al…
2026-05-21
CVE-2026-48222
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics213.php that all…
2026-05-21
CVE-2026-48223
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics213rr.php that a…
2026-05-21
CVE-2026-48224
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics214.php that all…
2026-05-21
CVE-2026-48225
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in landb.php that allo…
2026-05-21
CVE-2026-48226
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in os_watch.php that a…
2026-05-21
CVE-2026-48227
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient.php that al…
2026-05-21
CVE-2026-48228
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in patient_w.php that …
2026-05-21
CVE-2026-48229
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in routes_i.php that a…
2026-05-21
CVE-2026-48230
MEDIUM 5.1
Tickets — Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ticketsmdb_import.p…
2026-05-21
CVE-2026-48231
HIGH 7.1
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in tables.php where the multiple POST p…
2026-05-21
CVE-2026-48232
HIGH 7.1
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/fullsit_incidents.php where the…
2026-05-21
CVE-2026-48233
HIGH 7.1
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php where the off…
2026-05-21
CVE-2026-48234
HIGH 7.1
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in portal/ajax/list_requests.php where …
2026-05-21
CVE-2026-48235
HIGH 8.8
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude,…
2026-05-21
CVE-2026-48236
HIGH 7.1
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in db_loader.php where the multiple POS…
2026-05-21
CVE-2026-48237
HIGH 7.1
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in message.php where the frm_ticket_id …
2026-05-21
CVE-2026-48238
HIGH 7.1
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobile_main.php where the id GE…
2026-05-21
CVE-2026-48239
HIGH 7.1
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the tick_id P…
2026-05-21
CVE-2026-48240
HIGH 7.1
Tickets — Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tick_i…
2026-05-21
CVE-2026-48241
CRITICAL 9.2
Tickets — Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a public-facing d…
2026-05-21
CVE-2026-48242
CRITICAL 9.2
Tickets — Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, pass…
2026-05-21
CVE-2026-48243
MEDIUM 6.9
Tickets — Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committ…
2026-05-21
CVE-2026-48244
MEDIUM 6.9
Tickets — Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed t…
2026-05-21
CVE-2026-48245
MEDIUM 6.9
Tickets — Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the …
2026-05-21
CVE-2026-48246
HIGH 8.2
Tickets — Open ISES Tickets before 3.44.2 disables TLS certificate verification in ajax/reports.php by setting CURLOPT_S…
2026-05-21
CVE-2026-48247
HIGH 8.2
Tickets — Open ISES Tickets before 3.44.2 disables TLS certificate verification in incs/functions.inc.php by setting CUR…
2026-05-21
CVE-2026-48248
HIGH 8.2
Tickets — Open ISES Tickets before 3.44.2 disables TLS certificate verification in incs/login.inc.php by setting CURLOPT…
2026-05-21
CVE-2026-48249
HIGH 8.2
Tickets — Open ISES Tickets before 3.44.2 disables TLS certificate verification in rm/incs/mobile_login.inc.php by setti…
2026-05-21