Yağız Bi̇lgi̇li̇

#10096of 53,633
27.4Total CVSS
Vulnerabilities · 3
High
1
Critical
2
PT-2024-38543
9.3
2024-09-23
Exnet Informatics · Ferry Reservation System · CVE-2024-7735
**Name of the Vulnerable Software and Affected Versions** Exnet Informatics Software Ferry Reservation System versions prior to 240805-002 **Description** The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection, potentially enabling attackers to manipulate data. The vulnerability affects the Ferry Reservation System by Exnet Informatics. **Recommendations** For versions prior to 240805-002, upgrade to a version that includes the fix for this issue to mitigate the risk of remote exploitation and protect sensitive data. As a temporary workaround, consider restricting access to sensitive data and implementing additional security measures to minimize the risk of exploitation.
PT-2024-38614
8.8
2024-09-23
Exnet Informatics · Exnet Informatics Software Ferry Reservation System · CVE-2024-7835
**Name of the Vulnerable Software and Affected Versions** Exnet Informatics Software Ferry Reservation System versions prior to 240805-002 **Description** The issue affects the Exnet Informatics Software Ferry Reservation System, allowing Reflected XSS due to Improper Neutralization of Input During Web Page Generation. This is a type of Cross-site Scripting vulnerability. **Recommendations** For versions prior to 240805-002, update the system to a version that includes the security patch to mitigate the risk of Reflected XSS. As a temporary workaround, consider restricting user input to minimize the risk of exploitation. Ensure that all user-generated content is properly sanitized before being displayed on the web page.
PT-2024-38579
9.3
2024-09-19
Ece · Electronic Ticket System · CVE-2024-7785
**Name of the Vulnerable Software and Affected Versions** Ece Software Electronic Ticket System versions prior to 2024.08 **Description** The issue affects the Electronic Ticket System, allowing for Reflected XSS, or Cross-Site Scripting (XSS), due to improper neutralization of input during web page generation. **Recommendations** For versions prior to 2024.08, update to a version released after 2024.08 to mitigate the risk of Reflected XSS. As a temporary workaround, consider restricting user input in web page generation to minimize the risk of exploitation.