MidnightBSD

Advisories for hornbill

CVE-2013-2594 HIGH

SQL injection vulnerability in reports/calldiary.php in Hornbill Supportworks ITSM 1.0.0 through 3.4.14 allows remote attackers to execute arbitrary SQL commands via the callref parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
hornbill supportworks_itsm 1.0.0
hornbill supportworks_itsm 3.4.14