Murat Erdemi̇r

**Name of the Vulnerable Software and Affected Versions** PaperWork versions 6.1.0.9390 through 6.1.0.9397 **Description** The software contains a flaw due to improper neutralization of special elements used in an SQL command, leading to a SQL injection issue. This impacts the application's ability to securely interact with databases. The issue allows for Blind SQL Injection and SQL Injection. The vulnerability exists within Hibernate. **Recommendations** Update PaperWork to version 6.1.0.9398 or later.

**Name of the Vulnerable Software and Affected Versions** Aksis Technology Inc. Netty ERP versions prior to V.1.1000 **Description** Netty ERP contains a flaw due to improper neutralization of special elements used in an SQL command, leading to a SQL Injection issue. This allows for the potential execution of arbitrary SQL commands. The issue does not require login, potentially allowing unauthenticated attackers to compromise the system. The vulnerability could lead to data theft or system compromise. **Recommendations** Versions prior to V.1.1000 should be updated to V.1.1000 or later.