Authors:traceprobe Risk：High CVE：CVE-2018-10284 0day:SQL Injection 0day-id:0DAY-10284 Date：2018-04-22
Adaltech G-Ticket v70 EME104 has SQL Injection via the mobile-loja/mensagem.asp eve_cod parameter.
WHAT IS G-TICKET? G-Ticket is an innovative and complete online platform that allows you to manage and execute all ticket sales and validation processes, whether at points of sale, online store, facebook, mobile or box office, being customized with your logo to have your own business and make your brand appear and grow. ‘”
Proof of Concept
Reported failure 08/28/2017
Correction ?? (to date the fault has not yet been fixed)