CVE-2023-35070

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0540%

EPSS Percentile15.53th

Published2023年7月13日

Last Modified2026年5月22日

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VegaGroup Web Collection allows SQL Injection. This issue affects Web Collection: before 31197.

Affected Platforms (CPE)

📦

Vegagroup

Web Collection

< 31197

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0406

🔗 https://www.usom.gov.tr/bildirim/tr-23-0406

関連する脆弱性情報

CVE-2011-005710.0

Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMo...

CVE-2015-75019.8

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterp...

CVE-2017-160209.8

Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute ...

CVE-2013-07569.3

Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderb...