Ferit Özner

#6757of 53,633
40Total CVSS
Vulnerabilities · 5
Medium
1
High
3
Critical
1
PT-2026-48918
6.5
2026-06-12
Interactive Media Marketing · Related Marketing Cloud · CVE-2026-5792
**Name of the Vulnerable Software and Affected Versions** Related Marketing Cloud (RMC) versions prior to 12052026 **Description** An authentication bypass by spoofing issue in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud (RMC) allows for brute force attacks. **Recommendations** Update to a version later than 12052026.
PT-2026-40901
9.8
2026-05-14
Unknown · Ecommerce-Website · CVE-2026-2347
**Name of the Vulnerable Software and Affected Versions** E-Commerce Website versions prior to 4.5.001 **Description** An authorization bypass exists due to a user-controlled key, which allows for session hijacking. This is an Insecure Direct Object Reference (IDOR), a condition where an application provides direct access to objects based on user-supplied input. **Recommendations** Update to version 4.5.001 or later.
PT-2026-38421
8.8
2026-05-07
Unknown · Proticaret E-Commerce · CVE-2026-3953
**Name of the Vulnerable Software and Affected Versions** Proticaret E-Commerce versions 5.0.0 through 6.0.1767.1382 **Description** Improper neutralization of input during web page generation allows for Reflected Cross-Site Scripting (XSS), a flaw where an application includes untrusted data in a web page without proper validation or escaping, enabling attackers to execute malicious scripts in the victim's browser. **Recommendations** Update Proticaret E-Commerce to version 6.0.1767.1383.
PT-2026-22139
7.6
2026-02-26
Dokuzsoft Technology · E-Commerce Product · CVE-2025-14343
**Name of the Vulnerable Software and Affected Versions** Dokuzsoft Technology Ltd. E-Commerce Product versions through 10122025 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to a Reflected Cross-site Scripting (XSS) condition. The issue allows for the execution of malicious scripts through web pages. The vulnerable product is developed by Dokuzsoft Technology Ltd.Şti. **Recommendations** Versions prior to 10122025 should be updated.
PT-2025-46330
7.3
2025-11-11
Unknown · Perfektive · CVE-2025-10161
**Name of the Vulnerable Software and Affected Versions** Perfektive versions prior to 12574 Build 2701 **Description** The software exhibits issues related to improper restriction of excessive authentication attempts, client-side enforcement of server-side security, and reliance on untrusted inputs in a security decision. This can lead to brute force attacks, authentication bypass, and functionality bypass. The issue is associated with CWE-307, CWE-602, and CWE-807. **Recommendations** Update Perfektive to version 12574 Build 2701 or later.