Description
SQL injection vulnerability in search.php in PHP Ticket 0.71 allows remote authenticated users to execute arbitrary SQL commands and obtain usernames and passwords via the frm_search_in parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by undefined1_ · perlwebappsphp
https://www.exploit-db.com/exploits/1609
References (5)
Scores
EPSS
0.0056
EPSS Percentile
68.2%
Details
Status
published
Products (3)
php_ticket/php_ticket
0.5
php_ticket/php_ticket
0.6
php_ticket/php_ticket
< 0.71
Published
Mar 29, 2006
Tracked Since
Feb 18, 2026