CVE-2023-2957

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0360%

EPSS Percentile2.11th

PublishedJul 13, 2023

Last ModifiedMay 22, 2026

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lisa Software Florist Site allows SQL Injection. This issue affects Florist Site: before 3.0.

Affected Platforms (CPE)

📦

Lisayazilim

Florist Site

< 3.0

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0403

🔗 https://www.usom.gov.tr/bildirim/tr-23-0403

Related Vulnerabilities

CVE-2023-27139.8

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-comme...

CVE-2023-350649.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Satos Satos Mobile allows SQ...

CVE-2023-20649.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Minova Technology eTrace all...

CVE-2023-451999.8

Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution.