CyberSec.Space Logo
Back to CVE Browser

CVE-2023-0939

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0020%
EPSS Percentile25.02th
PublishedFeb 23, 2023
Last ModifiedJun 1, 2026

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NTN Information Technologies Online Services Software allows SQL Injection. This issue affects Online Services Software: before 1.17.

Affected Platforms (CPE)

๐Ÿ“ฆ
Online Services Project

Online Services

< 1.17

References & Advisories

๐Ÿ”— https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0103
๐Ÿ”— https://www.usom.gov.tr/bildirim/tr-23-0103
๐Ÿ”— https://www.usom.gov.tr/bildirim/tr-23-0103

Related Vulnerabilities

CVE-2020-356749.8

BigProf Online Invoicing System before 2.9 suffers from an unauthenticated SQL Injection found in /membership_passwordReset.php (t...

CVE-2018-12179.8

Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2...

CVE-2020-94069.8

IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service.

CVE-2008-14909.3

Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly o...