We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-7026

SQLi in Teknogis Informatics' Closed Circuit Vehicle Tracking Software



Description

SQL Injection: Hibernate vulnerability in Teknogis Informatics Closed Circuit Vehicle Tracking Software allows SQL Injection, Blind SQL Injection.This issue affects Closed Circuit Vehicle Tracking Software: through 21.11.2024. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Reserved 2024-07-23 | Published 2024-11-21 | Updated 2024-11-21 | Assigner TR-CERT


HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-564 SQL Injection: Hibernate

Product status

Default status
affected

Any version
affected

Credits

Yunus ORNEK finder

References

www.usom.gov.tr/bildirim/tr-24-1866

cve.org (CVE-2024-7026)

nvd.nist.gov (CVE-2024-7026)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-7026

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.