CVE-2025-4738

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0370%

EPSS Percentile3.99th

PublishedJun 19, 2025

Last ModifiedJun 5, 2026

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yirmibes Software MY ERP allows SQL Injection. This issue affects MY ERP: before 1.170.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0132

🔗 https://www.usom.gov.tr/bildirim/tr-25-0132

Related Vulnerabilities

CVE-2025-984610.0

Unrestricted Upload of File with Dangerous Type vulnerability in TalentSys Consulting Information Technology Industry Inc. Inka.Ne...

CVE-2025-432010.0

Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft So...

CVE-2025-958810.0

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archivin...

CVE-2025-428510.0

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technol...