Chernobile

Name of the Vulnerable Software and Affected Versions: MiNT Haber Sistemi version 2.7 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "duyuru.asp" file. Recommendations: For MiNT Haber Sistemi version 2.7, consider restricting access to the `id` parameter in the "duyuru.asp" file to minimize the risk of exploitation. As a temporary workaround, avoid using the `id` parameter in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vizayn Haber (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "haberdetay.asp" file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.