CVE-2024-10244: SQLi in ISDO Software's Web Software

9.8 CVSS

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ISDO Software Web Software allows SQL Injection.This issue affects Web Software: before 3.6.

Classification

CVE ID: CVE-2024-10244

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.8

Affected Products

Vendor: ISDO Software

Product: Web Software

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.09% (probability of being exploited)

EPSS Percentile: 40.72% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.usom.gov.tr/bildirim/tr-24-1893

Timeline

2024-12-20 00:32:52 UTC
CVE

SQLi in ISDO Software's Web Software