CVE-2016-5843

CRITICAL

9.4

CVSS Severity Score

EPSS Score0.1190%

EPSS Percentile39.39th

Published2016年9月17日

Last Modified2026年5月6日

Vulnerability Description

Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.

Affected Platforms (CPE)

📦

Otrs

Faq

= 2.0.1

📦

Otrs

Faq

= 2.0.2

📦

Otrs

Faq

= 2.0.3

📦

Otrs

Faq

= 2.0.4

📦

Otrs

Faq

= 2.0.5

📦

Otrs

Faq

= 2.0.6

📦

Otrs

Faq

= 2.0.7

📦

Otrs

Faq

= 2.0.8

📦

Otrs

Faq

= 2.1.0

📦

Otrs

Faq

= 2.1.1

📦

Otrs

Faq

= 2.1.2

📦

Otrs

Faq

= 2.1.3

📦

Otrs

Faq

= 2.1.4

📦

Otrs

Faq

= 2.2.0

📦

Otrs

Faq

= 2.2.1

📦

Otrs

Faq

= 2.2.2

📦

Otrs

Faq

= 2.2.3

📦

Otrs

Faq

= 2.3.0

📦

Otrs

Faq

= 2.3.1

📦

Otrs

Faq

= 2.3.2

📦

Otrs

Faq

= 2.3.3

📦

Otrs

Faq

= 2.3.4

📦

Otrs

Faq

= 4.0.0

📦

Otrs

Faq

= 4.0.1

📦

Otrs

Faq

= 4.0.2

📦

Otrs

Faq

= 4.0.3

📦

Otrs

Faq

= 5.0.0

📦

Otrs

Faq

= 5.0.1

📦

Otrs

Faq

= 5.0.2

📦

Otrs

Faq

= 5.0.3

References & Advisories

🔗 http://www.securityfocus.com/bid/93019

🔗 https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9

🔗 https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557

🔗 https://github.com/OTRS/FAQ/commit/b805703e7b7725d1f3040bb626a4c4dd845ee9e3

🔗 https://www.otrs.com/security-advisory-2016-01-security-update-otrs-faq-package/

🔗 http://www.securityfocus.com/bid/93019

🔗 https://github.com/OTRS/FAQ/commit/3700f75c67f6ed1d39bc213445c6d12a458e1af9

🔗 https://github.com/OTRS/FAQ/commit/8c9d63bd0297adda760330805c31afc130861557

Vulnerability Description

Affected Platforms (CPE)

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

Faq

References & Advisories

関連する脆弱性情報