CyberSec.Space Logo
Back to CVE Browser

CVE-2025-8025

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1660%
EPSS Percentile5.49th
PublishedFeb 11, 2026
Last ModifiedJun 5, 2026

Vulnerability Description

Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dinosoft ERP: from < 3.0.1 through 11022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0059
🔗 https://www.usom.gov.tr/bildirim/tr-26-0059

Related Vulnerabilities

CVE-2025-428510.0

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technol...

CVE-2025-437810.0

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile ...

CVE-2025-524310.0

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command In...

CVE-2025-958810.0

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archivin...