CVE-2023-1153

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pacsrapor allows SQL Injection, Command Line Execution through SQL Injection. This issue affects Pacsrapor: before 1.22.

critical 9.8 CVSS 3.1

Published: Mar 21, 2023

Modified: Jun 1, 2026

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pacsrapor allows SQL Injection, Command Line Execution through SQL Injection.

This issue affects Pacsrapor: before 1.22.

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0163
https://www.usom.gov.tr/bildirim/tr-23-0163
https://www.usom.gov.tr/bildirim/tr-23-0163

Related CVEs

CVSS Breakdown

Version	3.1
Score	9.8 / 10
Severity	critical

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness (CWE)

CWE-89

Affected Product

Vendor	Pacsrapor
Product	Pacsrapor