CVE-2005-1437

Name of the Vulnerable Software and Affected Versions: osTicket (affected versions not specified)

Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the id parameter to "admin.php" or the cat parameter to "view.php".

Recommendations: For all affected versions, consider restricting access to the admin.php and view.php scripts until a patch is available. As a temporary workaround, avoid using the id parameter in the "admin.php" endpoint and the cat parameter in the "view.php" endpoint until the issue is resolved.