OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected