CVE-2026-48239 | openises Tickets up to 3.44.1 POST Parameter ajax/reports.php tick_id sql injection

A vulnerability classified as critical was found in openises Tickets up to 3.44.1. This issue affects some unknown processing of the file ajax/reports.php of the component POST Parameter Handler. Executing a manipulation of the argument tick_id can lead to sql injection.

This vulnerability is registered as CVE-2026-48239. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More