{"resultsPerPage":26,"startIndex":0,"totalResults":26,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-22T19:33:24.550","vulnerabilities":[{"cve":{"id":"CVE-2023-3000","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-06-02T08:15:09.003","lastModified":"2024-11-21T08:16:12.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Erikoglu Technology ErMon allows Command Line Execution through SQL Injection, Authentication Bypass.This issue affects ErMon: before 230602.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:erikogluteknoloji:energy_monitoring:*:*:*:*:*:*:*:*","versionEndExcluding":"230602","matchCriteriaId":"17784CA1-9EFD-4D5B-9CC6-2D5FFD72E0FC"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0315","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0315","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3047","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-06-13T12:15:09.477","lastModified":"2024-11-21T08:16:19.247","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TMT Lockcell allows SQL Injection.This issue affects Lockcell: before 15.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tmtmakine:lockcell_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"15.0","matchCriteriaId":"0AEA1741-BFBD-413B-A270-0F1438F1E9DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tmtmakine:lockcell:-:*:*:*:*:*:*:*","matchCriteriaId":"188C6BB7-34D5-4529-A793-22651CD088DF"}]}]}],"references":[{"url":"https://fordefence.com/cve-2023-3047-tmt-lockcell-sql-injection/","source":"iletisim@usom.gov.tr","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0345","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://fordefence.com/cve-2023-3047-tmt-lockcell-sql-injection/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0345","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3048","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-06-13T12:15:09.573","lastModified":"2024-11-21T08:16:19.393","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authorization Bypass Through User-Controlled Key vulnerability in TMT Lockcell allows Authentication Abuse, Authentication Bypass.This issue affects Lockcell: before 15.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tmtmakine:lockcell_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"15.0","matchCriteriaId":"0AEA1741-BFBD-413B-A270-0F1438F1E9DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tmtmakine:lockcell:-:*:*:*:*:*:*:*","matchCriteriaId":"188C6BB7-34D5-4529-A793-22651CD088DF"}]}]}],"references":[{"url":"https://fordefence.com/cve-2023-3048-authorization-bypass-through-user-controlled-key-vulnerability-allows-authentication-abuse-authentication-bypass/","source":"iletisim@usom.gov.tr","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0345","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://fordefence.com/cve-2023-3048-authorization-bypass-through-user-controlled-key-vulnerability-allows-authentication-abuse-authentication-bypass/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0345","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3049","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-06-13T12:15:09.667","lastModified":"2024-11-21T08:16:19.540","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted Upload of File with Dangerous Type vulnerability in TMT Lockcell allows Command Injection.This issue affects Lockcell: before 15.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tmtmakine:lockcell_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"15.0","matchCriteriaId":"0AEA1741-BFBD-413B-A270-0F1438F1E9DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tmtmakine:lockcell:-:*:*:*:*:*:*:*","matchCriteriaId":"188C6BB7-34D5-4529-A793-22651CD088DF"}]}]}],"references":[{"url":"https://fordefence.com/cve-2023-3049-unrestricted-upload-of-file-with-dangerous-type-vulnerability-allows-command-injection/","source":"iletisim@usom.gov.tr","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0345","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://fordefence.com/cve-2023-3049-unrestricted-upload-of-file-with-dangerous-type-vulnerability-allows-command-injection/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0345","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3050","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-06-13T12:15:09.750","lastModified":"2024-11-21T08:16:19.687","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass.This issue affects Lockcell: before 15.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-784"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-565"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tmtmakine:lockcell_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"15.0","matchCriteriaId":"0AEA1741-BFBD-413B-A270-0F1438F1E9DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tmtmakine:lockcell:-:*:*:*:*:*:*:*","matchCriteriaId":"188C6BB7-34D5-4529-A793-22651CD088DF"}]}]}],"references":[{"url":"https://fordefence.com/cve-2023-3050-reliance-on-cookies-without-validation-and-integrity-checking-in-a-security-decision-vulnerability-in-tmt-lockcell-allows-privilege-abuse-authentication-bypass/","source":"iletisim@usom.gov.tr","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0345","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://fordefence.com/cve-2023-3050-reliance-on-cookies-without-validation-and-integrity-checking-in-a-security-decision-vulnerability-in-tmt-lockcell-allows-privilege-abuse-authentication-bypass/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0345","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-35064","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-06-13T15:15:14.257","lastModified":"2024-11-21T08:07:54.427","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Satos Satos Mobile allows SQL Injection through SOAP Parameter Tampering.This issue affects Satos Mobile: before 20230607.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:satos:satos_mobile:*:*:*:*:*:*:*:*","versionEndExcluding":"20230607","matchCriteriaId":"18C360C1-396A-4AE1-A896-D2871EF8A49F"}]}]}],"references":[{"url":"https://https://www.usom.gov.tr/bildirim/tr-23-0346","source":"iletisim@usom.gov.tr","tags":["Broken Link"]},{"url":"https://https://www.usom.gov.tr/bildirim/tr-23-0346","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2023-3045","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-10T16:15:54.783","lastModified":"2024-11-21T08:16:18.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tise Technology Parking Web Report allows SQL Injection.This issue affects Parking Web Report: before 2.1.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tise:parking_web_report:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1","matchCriteriaId":"0C61C596-E2AB-4C8C-B311-84CECD27CB9D"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0387","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0387","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-35069","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-13T08:15:10.683","lastModified":"2024-11-21T08:07:55.063","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bullwark allows Path Traversal.This issue affects Bullwark: before BLW-2016E-960H.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:biges:bullwark_momentum_series:*:*:*:*:*:*:*:*","versionEndExcluding":"blw-2016e-960h","matchCriteriaId":"9BB03767-CA9C-4BCA-A93B-48BC876257C5"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0401","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0401","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3319","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-13T08:15:10.837","lastModified":"2024-11-21T08:17:00.237","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iDisplay PlatPlay DS allows Stored XSS.This issue affects PlatPlay DS: before 3.14.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:idisplay:platplay_ds:*:*:*:*:*:*:*:*","versionEndExcluding":"3.14","matchCriteriaId":"A50803B4-18D9-4EF5-BFEA-3517C6C7EE23"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0402","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0402","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-35070","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-13T14:15:09.333","lastModified":"2024-11-21T08:07:55.190","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VegaGroup Web Collection allows SQL Injection.This issue affects Web Collection: before 31197.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vegagroup:web_collection:*:*:*:*:*:*:*:*","versionEndExcluding":"31197","matchCriteriaId":"8C4FCC29-3E42-4E37-9A83-EC7C4BA59500"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0406","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0406","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-2959","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-17T14:15:10.157","lastModified":"2024-11-21T07:59:38.973","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS allows Collect Data as Provided by Users.This issue affects Oliva Expertise EKS: before 1.2.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-305"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:olivaekspertiz:oliva_ekspertiz:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2","matchCriteriaId":"D47D3210-173C-4C8C-95DF-D2270E25D2CA"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0409","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0409","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-2960","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-17T14:15:10.237","lastModified":"2024-11-21T07:59:39.103","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliva Expertise Oliva Expertise EKS allows Cross-Site Scripting (XSS).This issue affects Oliva Expertise EKS: before 1.2.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:olivaekspertiz:oliva_ekspertiz:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2","matchCriteriaId":"D47D3210-173C-4C8C-95DF-D2270E25D2CA"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0409","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0409","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-2963","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-17T14:15:10.310","lastModified":"2024-11-21T07:59:39.490","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection.This issue affects Oliva Expertise EKS: before 1.2.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:olivaekspertiz:oliva_ekspertiz:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2","matchCriteriaId":"D47D3210-173C-4C8C-95DF-D2270E25D2CA"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0409","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0409","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3376","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-17T14:15:11.083","lastModified":"2024-11-21T08:17:08.053","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digital Strategy Zekiweb allows SQL Injection.This issue affects Zekiweb: before 2.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dijital:zekiweb:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0","matchCriteriaId":"B7F5DC71-4D38-4051-9181-EEE7E3997EC7"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0408","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0408","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3046","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-25T06:15:15.993","lastModified":"2024-11-21T08:16:19.097","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Biltay Technology Scienta allows SQL Injection.This issue affects Scienta: before 20230630.1953.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:biltay:scienta:*:*:*:*:*:*:*:*","versionEndExcluding":"20230630.1953","matchCriteriaId":"FDC97681-DD03-4A41-AB50-DF23EC31432C"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0418","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0418","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-35066","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-25T07:15:10.627","lastModified":"2024-11-21T08:07:54.683","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infodrom Software E-Invoice Approval System allows SQL Injection.This issue affects E-Invoice Approval System: before v.20230701.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:infodrom:e-invoice_approval_system:*:*:*:*:*:*:*:*","versionEndExcluding":"20230701","matchCriteriaId":"6C5757C1-23EE-4408-B8B6-B859EE58F62E"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0419","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0419","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-35067","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-07-25T07:15:10.770","lastModified":"2024-11-21T08:07:54.810","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Plaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable.This issue affects E-Invoice Approval System: before v.20230701.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-256"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:infodrom:e-invoice_approval_system:*:*:*:*:*:*:*:*","versionEndExcluding":"20230701","matchCriteriaId":"6C5757C1-23EE-4408-B8B6-B859EE58F62E"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0419","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0419","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3386","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-08-08T16:15:13.343","lastModified":"2024-11-21T08:17:09.387","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in a2 Camera Trap Tracking System allows SQL Injection.This issue affects Camera Trap Tracking System: before 3.1905.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:a2technology:camera_trap_tracking_system:*:*:*:*:*:*:*:*","versionEndExcluding":"3.1905","matchCriteriaId":"31471C5B-9A31-41BD-A7A9-3B8E29685715"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0444","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0444","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3522","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-08-08T16:15:13.470","lastModified":"2024-11-21T08:17:27.457","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in a2 License Portal System allows SQL Injection.This issue affects License Portal System: before 1.48.\n\n"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:a2technology:license_portal_system:*:*:*:*:*:*:*:*","versionEndExcluding":"1.48","matchCriteriaId":"D05E3538-D8C6-49F5-8C6D-FDDEE63A8696"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0445","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0445","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3374","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-09-05T17:15:09.400","lastModified":"2024-11-21T08:17:07.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Incomplete List of Disallowed Inputs vulnerability in Unisign Bookreen allows Privilege Escalation.This issue affects Bookreen: before 3.0.0.\n\n"},{"lang":"es","value":"Una vulnerabilidad \"Incomplete List of Disallowed Inputs\" en Unisign Bookreen permite la escalada de privilegios: Este problema afecta a Bookreen: anterior a 3.0.0."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-184"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bookreen:bookreen:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0","matchCriteriaId":"CDF29D7D-1B35-4FA0-A73E-5CF3C287C3FE"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0489","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0489","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3375","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-09-05T17:15:09.497","lastModified":"2024-11-21T08:17:07.917","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted Upload of File with Dangerous Type vulnerability in Unisign Bookreen allows OS Command Injection.This issue affects Bookreen: before 3.0.0.\n\n"},{"lang":"es","value":"La vulnerabilidad de carga de archivos sin restricciones con tipo peligroso en Unisign Bookreen permite la inyección de comandos en el sistema operativo. Este problema afecta a Bookreen anterior a la versión 3.0.0. "}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bookreen:bookreen:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0","matchCriteriaId":"CDF29D7D-1B35-4FA0-A73E-5CF3C287C3FE"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0489","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0489","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-35065","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-09-05T18:15:10.067","lastModified":"2024-11-21T08:07:54.553","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Osoft Paint Production Management allows SQL Injection.This issue affects Paint Production Management: before 2.1.\n\n"},{"lang":"es","value":"Una vulnerabilidad en Osoft Paint Production Management de neutralización inadecuada de elementos especiales utilizados en un comando SQL permite inyección SQL. Este problema afecta a Paint Production Management anterior a la versión 2.1."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:osoft:dyeing_-_printing_-_finishing_production_management:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1","matchCriteriaId":"01732BFD-FD5F-4610-8A10-28463DEA50FC"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0490","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0490","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-35068","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-09-05T18:15:10.327","lastModified":"2024-11-21T08:07:54.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BMA Personnel Tracking System allows SQL Injection.This issue affects Personnel Tracking System: before 20230904.\n\n"},{"lang":"es","value":"La neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en BMA Personnel Tracking System permite la inyección SQL. Este problema afecta al Personnel Tracking System: antes de 20230904."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bma:personnel_tracking_system:*:*:*:*:*:*:*:*","versionEndExcluding":"20230904","matchCriteriaId":"285505CA-F529-496A-A791-1A390035AE4B"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0491","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0491","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-35072","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-09-05T18:15:10.507","lastModified":"2024-11-21T08:07:55.443","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Coyav Travel Proagent allows SQL Injection.This issue affects Proagent: before 20230904 .\n\n"},{"lang":"es","value":"Se ha encontrado una vulnerabilidad de neutralización inadecuada de elementos especiales utilizados en un comando SQL en Coyav Travel Proagent que permite la inyección SQL. Este problema afecta a Proagent: antes de la versión 20230904. "}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coyavtravel:proagent:*:*:*:*:*:*:*:*","versionEndExcluding":"20230904","matchCriteriaId":"9F84B6E8-C243-4488-9244-6D6D7F181338"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0492","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0492","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-35071","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-09-27T15:18:52.687","lastModified":"2024-11-21T08:07:55.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MRV Tech Logging Administration Panel allows SQL Injection.This issue affects Logging Administration Panel: before 20230915 .\n\n"},{"lang":"es","value":"La Neutralización Inadecuada de Elementos Especiales utilizados en una vulnerabilidad de comando SQL ('SQL Injection') en MRV Tech Logging Administration Panel permite la inyección de SQL. Este problema afecta a Logging Administration Panel: versión anterior a 20230915."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mrv:logging_administration_panel:*:*:*:*:*:*:*:*","versionEndExcluding":"20230915","matchCriteriaId":"78F3077D-FB28-4026-A6B0-72BA6E8AC2DE"}]}]}],"references":[{"url":"https://www.usom.gov.tr/bildirim/tr-23-0560","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0560","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-3377","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-11-23T09:15:33.353","lastModified":"2024-11-21T08:17:08.190","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veribilim Software Computer Veribase allows SQL Injection.This issue affects Veribase: through 20231123. \n\nNOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\n\n"},{"lang":"es","value":"Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyección SQL') en Veribilim Software Computer Veribase permite la inyección SQL. Este problema afecta a Veribase: hasta 20231123. NOTA: Se contactó primeramente con el proveedor sobre esta divulgación, pero no respondió de ninguna manera. "}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:veribase:veribase:*:*:*:*:*:*:*:*","versionEndIncluding":"2023-11-23","matchCriteriaId":"AC3653D5-9075-4BA6-A489-35F6AD228E7B"}]}]}],"references":[{"url":"https://https://www.usom.gov.tr/bildirim/tr-23-0655","source":"iletisim@usom.gov.tr","tags":["Broken Link"]},{"url":"https://https://www.usom.gov.tr/bildirim/tr-23-0655","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}}]}