CVE-2023-1050

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in As Koc Energy Web Report System allows SQL Injection. This issue affects Web Report System: before 23.03.10.

critical 9.8 CVSS 3.1

Published: Mar 23, 2023

Modified: Jun 1, 2026

Vendor: Askoc

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in As Koc Energy Web Report System allows SQL Injection.

This issue affects Web Report System: before 23.03.10.

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0166
https://www.usom.gov.tr/bildirim/tr-23-0166
https://www.usom.gov.tr/bildirim/tr-23-0166

Related CVEs

CVSS Breakdown

Version	3.1
Score	9.8 / 10
Severity	critical

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness (CWE)

CWE-89

Affected Product

Vendor	Askoc
Product	Web Report System