CVE-2023-2907

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1850%

EPSS Percentile24.43th

PublishedJun 19, 2023

Last ModifiedMay 22, 2026

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marksoft allows SQL Injection. This issue affects Marksoft: through Mobile:v.7.1.7 ; Login:1.4 ; API:20230605.

Affected Platforms (CPE)

📦

Marksoft

<= 7.1.7

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0363

🔗 https://www.usom.gov.tr/bildirim/tr-23-0363

Related Vulnerabilities

CVE-2023-27139.8

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-comme...

CVE-2023-343629.8

MOVEit Transfer SQL Injection vulnerability allows unauthenticated attackers to gain unauthorized access to MOVEit Transfer's data...

CVE-2023-20649.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Minova Technology eTrace all...

CVE-2023-350649.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Satos Satos Mobile allows SQ...