Shafuck31

Name of the Vulnerable Software and Affected Versions: chatwm version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `txtUse` and `txtPas` parameters in the SelGruFra.asp file. Recommendations: For chatwm version 1.0, consider restricting access to the SelGruFra.asp file until a patch is available. As a temporary workaround, avoid using the `txtUse` and `txtPas` parameters in the affected file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Okul Merkezi Portal version 1.0 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the `page` parameter in the ataturk.php file. Recommendations: For Okul Merkezi Portal version 1.0, consider restricting access to the ataturk.php file until a patch is available. As a temporary workaround, avoid using the `page` parameter in the affected file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Efkan Forum version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `grup` parameter in the default.asp file. Recommendations: For Efkan Forum version 1.0, consider restricting access to the default.asp file until a patch is available. As a temporary workaround, avoid using the `grup` parameter in the default.asp file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Burak Yylmaz Download Portal version (affected versions not specified) Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "down.asp" endpoint. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Contra Haber Sistemi version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `id` parameter in the "haber.asp" file. **Recommendations** For Contra Haber Sistemi version 1.0, consider restricting access to the `id` parameter in the "haber.asp" file to minimize the risk of exploitation. As a temporary workaround, avoid using the `id` parameter in the affected file until the issue is resolved.