CVE-2023-2045

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ipekyolu Software Auto Damage Tracking Software allows SQL Injection.This issue affects Auto Damage Tracking Software: before 4.

critical 9.8 CVSS 3.1

Published: May 24, 2023

Modified: Nov 21, 2024

Product: Software Auto Damage Tracking Software

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ipekyolu Software Auto Damage Tracking Software allows SQL Injection.This issue affects Auto Damage Tracking Software: before 4.

References

https://www.usom.gov.tr/bildirim/tr-23-0289
https://www.usom.gov.tr/bildirim/tr-23-0289

CVSS Breakdown

Version	3.1
Score	9.8 / 10
Severity	critical

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness (CWE)

CWE-89

Affected Product

Vendor	Ipekyolunet
Product	Software Auto Damage Tracking Software