CVE-2025-4738

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0370%

EPSS Percentile3.99th

Published2025年6月19日

Last Modified2026年6月5日

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yirmibes Software MY ERP allows SQL Injection. This issue affects MY ERP: before 1.170.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0132

🔗 https://www.usom.gov.tr/bildirim/tr-25-0132

相關漏洞威脅

CVE-2025-428510.0

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technol...

CVE-2025-437810.0

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile ...

CVE-2025-524310.0

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command In...

CVE-2025-432010.0

Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft So...