Vulnerabilities

CVE-2024-10244

by Fred · 19/12/2024

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in ISDO Software Web Software allows SQL Injection.This issue affects Web Software: before 3.6.

More information : https://www.usom.gov.tr/bildirim/tr-24-1893

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : HIGH
Integrity impact : HIGH
Base score : 9.8
Base severity : CRITICAL
Exploitability score : 3.9
Impact score : 5.9

Similar

Tags: Cybersecurity Alert