Gokhan Uygan

**Name of the Vulnerable Software and Affected Versions** Osoft Paint Production Management versions prior to 2.1 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. **Recommendations** For versions prior to 2.1, update to a version 2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive SQL commands and validating user input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** BMA Personnel Tracking System versions before 20230904 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited. **Recommendations** For versions before 20230904, update to a version released after 20230904 to resolve the issue. As a temporary workaround, consider restricting access to sensitive database queries to minimize the risk of exploitation. Avoid using user-supplied input in SQL commands until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Infodrom Software E-Invoice Approval System versions prior to 20230701 **Description** The issue affects the Infodrom Software E-Invoice Approval System, where a Plaintext Storage of a Password vulnerability allows reading sensitive strings within an executable. **Recommendations** For versions prior to 20230701, update to version 20230701 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Infodrom Software E-Invoice Approval System versions prior to 20230701 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. **Recommendations** For versions prior to 20230701, update to version 20230701 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Oliva Expertise EKS versions prior to 1.2 **Description** The issue allows for authentication bypass by primary weakness, enabling the collection of data as provided by users. **Recommendations** For versions prior to 1.2, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Oliva Expertise EKS versions prior to 1.2 **Description** The issue affects Oliva Expertise EKS, allowing Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation. **Recommendations** For versions prior to 1.2, update to a version that contains a fix for this issue to prevent Cross-Site Scripting (XSS) attacks.

**Name of the Vulnerable Software and Affected Versions** Oliva Expertise EKS versions prior to 1.2 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. **Recommendations** For versions prior to 1.2, update to version 1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Satos Mobile versions prior to 20230607 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection through SOAP Parameter Tampering. **Recommendations** For versions prior to 20230607, update to a version released after 20230607 to resolve the issue. As a temporary workaround, consider restricting access to SOAP parameters to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Erikoglu Technology ErMon versions prior to 230602 **Description** The issue is related to an SQL Injection vulnerability, allowing for Command Line Execution and Authentication Bypass. This is due to the improper neutralization of special elements used in an SQL command. **Recommendations** For versions prior to 230602, update to a version 230602 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive SQL commands and authentication mechanisms to minimize the risk of exploitation.