CVE-2026-48242 | openises Tickets up to 3.44.1 Configuration import_mdb.php host/username/password/database name hard-coded credentials
A vulnerability has been found in openises Tickets up to 3.44.1 and classified as critical. This issue affects some unknown processing of the file import_mdb.php of the component Configuration Handler. The manipulation of the argument host/username/password/database name leads to hard-coded credentials.
This vulnerability is traded as CVE-2026-48242. It is possible to initiate the attack remotely. There is no exploit available.
The affected component should be upgraded.