Overview
- Description
- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper Input Validation vulnerability in TRtek Software Distant Education Platform allows SQL Injection, Parameter Injection.This issue affects Distant Education Platform: before 3.2024.11.
- Source
- iletisim@usom.gov.tr
- NVD status
- Awaiting Analysis
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 8.8
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 0
- Impact score
- 0
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
- Severity
- NONE
Weaknesses
- iletisim@usom.gov.tr
- CWE-20
Social media
- Hype score
- Not currently trending