Yunus Örnek

**Name of the Vulnerable Software and Affected Versions** Logo Software Retail Sales Management versions through 20250918 Logo Software Diva versions through 4.56.00.00 **Description** A SQL injection issue exists in Logo Software Retail Sales Management and Diva due to improper neutralization of special elements used in an SQL command. This allows for potential authorization bypass through user-controlled SQL primary keys. The vulnerability is a blind SQL injection, CAPEC-7. **Recommendations** Logo Software Retail Sales Management versions prior to 20250918: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Logo Software Diva versions prior to 4.56.00.00: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vegagrup Software Vega Master versions 1.12.35 through 20250916 **Description** A vulnerability exists in Vegagrup Software Vega Master that allows directory indexing, potentially leading to exposure of sensitive system information to an unauthorized control sphere. **Recommendations** Update Vegagrup Software Vega Master to a version later than 20250916.

**Name of the Vulnerable Software and Affected Versions** inohom Nova Panel N7 versions through 1.9.9.6 **Description** The issue affects the inohom Nova Panel N7, allowing authentication bypass using an alternate path or channel. This enables unauthorized access. The vendor has stated that the product is not supported. **Recommendations** For inohom Nova Panel N7 versions through 1.9.9.6, as the product is not supported, consider upgrading to a supported version or applying security controls to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.