Berat Kirmaz

**Name of the Vulnerable Software and Affected Versions** Ekol Informatics Website Template versions through 20231215 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. **Recommendations** For versions through 20231215, update to a version released after 20231215 to resolve the issue. As a temporary workaround, consider restricting access to sensitive database queries to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Yordam MedasPro versions prior to 28 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can inject malicious scripts into the website, potentially stealing user data or taking control of user sessions. **Recommendations** For versions prior to 28, update to version 28 or later to resolve the issue. As a temporary workaround, consider restricting user input to prevent malicious scripts from being injected into the website. Avoid using user-supplied input in sensitive areas of the web application until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** DTS Electronics Redline Router versions prior to 7.17 **Description** The issue allows for authentication bypass by alternate name, enabling unauthorized access. This is a significant concern as it compromises the security of the affected devices. **Recommendations** For versions prior to 7.17, update to version 7.17 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the router until the update can be applied.