CVE-2026-48238 | openises Tickets up to 3.44.1 SELECT Statement ajax/mobile_main.php ID sql injection

A vulnerability classified as critical has been found in openises Tickets up to 3.44.1. This vulnerability affects unknown code of the file ajax/mobile_main.php of the component SELECT Statement Handler. Performing a manipulation of the argument ID results in sql injection.

This vulnerability is cataloged as CVE-2026-48238. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More