VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 9, 2010· Updated Apr 29, 2026

CVE-2010-0438

CVE-2010-0438

Description

Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Affected products

26
  • OTRS/Otrs26 versions
    cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*+ 25 more
    • cpe:2.3:a:otrs:otrs:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:otrs:otrs:2.4.6:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

0

No linked articles in our index yet.