CVE-2025-4738

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0370%

EPSS Percentile3.99th

Published2025年6月19日

Last Modified2026年6月5日

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yirmibes Software MY ERP allows SQL Injection. This issue affects MY ERP: before 1.170.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0132

🔗 https://www.usom.gov.tr/bildirim/tr-25-0132

関連する脆弱性情報

CVE-2025-437810.0

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile ...

CVE-2025-524310.0

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command In...

CVE-2025-428510.0

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technol...

CVE-2025-984610.0

Unrestricted Upload of File with Dangerous Type vulnerability in TalentSys Consulting Information Technology Industry Inc. Inka.Ne...