CVE-2023-35070

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0540%

EPSS Percentile15.53th

PublishedJul 13, 2023

Last ModifiedMay 22, 2026

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VegaGroup Web Collection allows SQL Injection. This issue affects Web Collection: before 31197.

Affected Platforms (CPE)

📦

Vegagroup

Web Collection

< 31197

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0406

🔗 https://www.usom.gov.tr/bildirim/tr-23-0406

Related Vulnerabilities

CVE-2011-005710.0

Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMo...

CVE-2015-75019.8

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterp...

CVE-2017-160209.8

Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute ...

CVE-2013-07569.3

Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderb...