📦 Gestsup

This SQL injection vulnerability in GestSup allows authenticated attackers to manipulate database queries during ticket creation. Attackers can potentially access or modify sensitive database contents...

This SQL injection vulnerability in GestSup allows authenticated attackers to manipulate database queries through asset list parameters. Attackers can access or modify database contents depending on t...

GestSup versions up to 3.2.60 contain a CSRF vulnerability that allows attackers to trick authenticated users into performing unauthorized actions. An attacker can exploit this to create privileged ad...

GestSup versions before 3.2.60 contain a SQL injection vulnerability in the search bar functionality. Authenticated attackers can manipulate database queries through user-controlled search input, pote...

This CVE describes a pre-authentication stored XSS vulnerability in GestSup's API error logging functionality. Unauthenticated attackers can inject malicious scripts into log entries, which execute wh...