Alican Ozdemir

Name of the Vulnerable Software and Affected Versions: Saha365 App versions prior to 30.09.2024 Description: The issue is related to the improper neutralization of special elements used in an SQL command, allowing SQL injection. This problem affects the Saha365 App. Recommendations: For versions prior to 30.09.2024, update to a version released after 30.09.2024 to resolve the issue. As a temporary workaround, consider restricting access to sensitive SQL commands to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Inohom Home Manager Gateway versions prior to 1.27.12 **Description** The issue affects Inohom Home Manager Gateway, allowing Account Footprinting due to an Improper Protection for Outbound Error Messages and Alert Signals vulnerability. **Recommendations** For versions prior to 1.27.12, update to version 1.27.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TRtek Software Education Portal versions prior to 3.2023.29 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. **Recommendations** For versions prior to 3.2023.29, update to a version 3.2023.29 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database queries until a patch is available. Avoid using user-supplied input in SQL commands without proper sanitization.

**Name of the Vulnerable Software and Affected Versions** Biltay Technology Kayisi versions prior to 1286 **Description** The issue is related to an SQL Injection vulnerability, which allows for the improper neutralization of special elements used in an SQL command. This can lead to SQL Injection and Command Line Execution through SQL Injection. **Recommendations** For versions prior to 1286, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to SQL commands to minimize the risk of exploitation. Avoid using user-input data directly in SQL queries until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Biltay Technology Procost versions prior to 1390 **Description** The issue is related to an SQL Injection vulnerability, allowing for improper neutralization of special elements used in an SQL command. This can lead to SQL Injection and Command Line Execution through SQL Injection. **Recommendations** For versions prior to 1390, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to sensitive SQL commands and validating user input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Marksoft versions through Mobile:v.7.1.7 Marksoft version Login:1.4 Marksoft version API:20230605 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. **Recommendations** For Marksoft versions through Mobile:v.7.1.7, update to a version that fixes the SQL Injection issue. For Marksoft version Login:1.4, update to a version that fixes the SQL Injection issue. For Marksoft version API:20230605, update to a version that fixes the SQL Injection issue. As a temporary workaround, consider restricting access to sensitive database elements to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** DTS Electronics Redline Router versions prior to 7.17 **Description** The issue is related to an Authentication Bypass by Primary Weakness vulnerability in the firmware of the DTS Electronics Redline Router. This vulnerability allows for authentication bypass. **Recommendations** For versions prior to 7.17, update to version 7.17 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Akinsoft Wolvox versions prior to 8.02.03 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting malicious SQL code. **Recommendations** For versions prior to 8.02.03, update to version 8.02.03 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** B2B Customer Ordering System versions prior to 1.0.0.347 **Description** The issue is an authenticated Reflected XSS vulnerability. This vulnerability has been fixed in version 1.0.0.347. **Recommendations** For versions prior to 1.0.0.347, update to version 1.0.0.347 to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable components until the update can be applied.