CyberSec.Space Logo
CVEブラウザに戻る

CVE-2023-0939

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0020%
EPSS Percentile25.02th
Published2023年2月23日
Last Modified2026年6月1日

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NTN Information Technologies Online Services Software allows SQL Injection. This issue affects Online Services Software: before 1.17.

Affected Platforms (CPE)

📦
Online Services Project

Online Services

< 1.17

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0103
🔗 https://www.usom.gov.tr/bildirim/tr-23-0103
🔗 https://www.usom.gov.tr/bildirim/tr-23-0103

関連する脆弱性情報

CVE-2020-356749.8

BigProf Online Invoicing System before 2.9 suffers from an unauthenticated SQL Injection found in /membership_passwordReset.php (t...

CVE-2018-12179.8

Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2...

CVE-2020-94069.8

IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service.

CVE-2008-14909.3

Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly o...