CVE-2016-5843
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-5843
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5843.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-5843
- Published
- 2016-09-17T02:59:00Z
- Modified
- 2025-04-12T13:42:46.540565Z
- Severity
-
- 9.4 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L CVSS Calculator
- Summary
- [none]
- Details
-
Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
- References
-
- https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/
- https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9
- https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557
- https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3
- http://www.securityfocus.com/bid/93019
- https://security.alpinelinux.org/vuln/CVE-2016-5843
Affected packages
Alpine:v3.4 / gst-plugins-bad1
Package
- Name
- gst-plugins-bad1
- Purl
- pkg:apk/alpine/gst-plugins-bad1?arch=source
Alpine:v3.5 / gst-plugins-bad1
Package
- Name
- gst-plugins-bad1
- Purl
- pkg:apk/alpine/gst-plugins-bad1?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.8.3-r0
Affected versions
1.*
1.0.0-r0
1.0.1-r0
1.0.2-r0
1.0.3-r0
1.0.4-r0
1.0.5-r0
1.0.6-r0
1.0.7-r0
1.0.8-r0
1.0.9-r0
1.0.10-r0
1.2.0-r0
1.2.1-r0
1.2.2-r0
1.2.3-r0
1.2.4-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.4-r1
1.4.4-r2
1.5.2-r0
1.6.1-r0
1.6.3-r0
1.8.0-r0
1.8.1-r0
1.8.1-r1
1.8.1-r2
1.8.1-r3