CVE-2023-7081

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHSİL Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024.
References
Link Resource
https://www.usom.gov.tr/bildirim/tr-24-0103 Third Party Advisory
https://www.usom.gov.tr/bildirim/tr-24-0103 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:postahsil:online_payment_system:*:*:*:*:*:*:*:*

History

26 Feb 2025, 07:32

Type Values Removed Values Added
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHS?L Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHSİL Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024.

23 Jan 2025, 16:53

Type Values Removed Values Added
First Time Postahsil
Postahsil online Payment System
References () https://www.usom.gov.tr/bildirim/tr-24-0103 - () https://www.usom.gov.tr/bildirim/tr-24-0103 - Third Party Advisory
CPE cpe:2.3:a:postahsil:online_payment_system:*:*:*:*:*:*:*:*
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHSİL Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHS?L Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024.

21 Nov 2024, 08:45

Type Values Removed Values Added
References () https://www.usom.gov.tr/bildirim/tr-24-0103 - () https://www.usom.gov.tr/bildirim/tr-24-0103 -

29 Feb 2024, 01:42

Type Values Removed Values Added
Summary
  • (es) La neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyección SQL') en POSTAHS?L Online Payment System permite la inyección de SQL. Este problema afecta a Online Payment System: antes del 14.02.2024.
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHS?L Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHSİL Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024.

15 Feb 2024, 19:55

Type Values Removed Values Added
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHSİL Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHS?L Online Payment System allows SQL Injection.This issue affects Online Payment System: before 14.02.2024.

15 Feb 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-15 16:15

Updated : 2025-02-26 07:32


NVD link : CVE-2023-7081

Mitre link : CVE-2023-7081

CVE.ORG link : CVE-2023-7081


JSON object : View

Products Affected

postahsil

  • online_payment_system
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')