translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to obtain sensitive information via a direct request using the save action, which reveals the installation path.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Support_incident_tracker | Sitracker | 3.6 (including) | 3.6 (including) |
| Support_incident_tracker | Sitracker | 3.45 (including) | 3.45 (including) |
| Support_incident_tracker | Sitracker | 3.45-beta1 (including) | 3.45-beta1 (including) |
| Support_incident_tracker | Sitracker | 3.50 (including) | 3.50 (including) |
| Support_incident_tracker | Sitracker | 3.50-beta1 (including) | 3.50-beta1 (including) |
| Support_incident_tracker | Sitracker | 3.51 (including) | 3.51 (including) |
| Support_incident_tracker | Sitracker | 3.60 (including) | 3.60 (including) |
| Support_incident_tracker | Sitracker | 3.61 (including) | 3.61 (including) |
| Support_incident_tracker | Sitracker | 3.62 (including) | 3.62 (including) |
| Support_incident_tracker | Sitracker | 3.63 (including) | 3.63 (including) |
| Support_incident_tracker | Sitracker | 3.63-beta1 (including) | 3.63-beta1 (including) |
| Support_incident_tracker | Sitracker | 3.64 (including) | 3.64 (including) |
| Support_incident_tracker | Sitracker | 3.65 (including) | 3.65 (including) |