Aybike Vural

**Name of the Vulnerable Software and Affected Versions** Ankara Hosting Website Design Website Software version 03022026 **Description** The software contains a Reflected Cross-site Scripting (XSS) issue due to improper neutralization of input during web page generation. This allows an attacker to inject malicious scripts into web pages viewed by other users. The vendor was contacted regarding this issue but did not respond. **Recommendations** Update to a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Kod8 Individual and SME Website versions through 03022026 **Description** The Kod8 Individual and SME Website software contains a flaw related to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting (XSS) condition. This allows an attacker to inject malicious scripts into web pages viewed by other users. The vendor was contacted regarding this issue but did not respond. **Recommendations** Versions through 03022026 should be updated when a fix becomes available.

**Name of the Vulnerable Software and Affected Versions** Seres Software syWEB versions through 03022026 **Description** The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting (XSS) condition. The vendor was contacted regarding this issue but did not respond. **Recommendations** Update to a version beyond 03022026.

**Name of the Vulnerable Software and Affected Versions** Webbeyaz Website Design Website Software versions through 2025.07.14 **Description** A flaw exists in Webbeyaz Website Design Website Software that allows for Cross-Site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. The vulnerability could potentially allow an attacker to inject malicious scripts into web pages viewed by other users. **Recommendations** Update Webbeyaz Website Design Website Software to a version later than 2025.07.14.

**Name of the Vulnerable Software and Affected Versions** Algoritim E-commerce Software versions prior to 3.9.2 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This means an attacker can inject malicious scripts into the website, potentially stealing user data or taking control of user sessions. The vendor was contacted about this disclosure but did not respond. **Recommendations** For versions prior to 3.9.2, update to version 3.9.2 or later to resolve the issue. As a temporary workaround, consider restricting user input validation to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Eskom e-Belediye versions 1.0.0.95 through 1.0.0.100 **Description** The issue is related to a Missing Authorization vulnerability, which allows Information Elicitation in Eskom e-Belediye. **Recommendations** For versions 1.0.0.95 through 1.0.0.100, update to version 1.0.0.100 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.