CVE-2023-4674

Q: How severe is CVE-2023-4674?

CVSS scoring is not yet available for CVE-2023-4674. Check NVD for updates.

Q: Is there a patch for CVE-2023-4674?

Check the references section above for vendor advisories and patch information. Affected products include: Yaztekteknoloji E-Commerce.

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yaztek Software Technologies and Computer Systems E-Commerce Software allows SQL Injection. This issue affects E-Commerce Software: through 20231229. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Affected Products

Vendor	Product	Versions
Yaztekteknoloji	E-Commerce	<= 20231229

Related Weaknesses (CWE)

CWE-89

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0741
https://www.usom.gov.tr/bildirim/tr-23-0741Third Party Advisory
https://www.usom.gov.tr/bildirim/tr-23-0741Third Party Advisory

FAQ

What is CVE-2023-4674?

CVE-2023-4674 is a documented vulnerability. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yaztek Software Technologies and Computer Systems E-Commerce Software allows SQL Injection. This ...

How severe is CVE-2023-4674?

CVSS scoring is not yet available for CVE-2023-4674. Check NVD for updates.

Is there a patch for CVE-2023-4674?

Check the references section above for vendor advisories and patch information. Affected products include: Yaztekteknoloji E-Commerce.