Search Results (3 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-5793 1 Inrove Software And Internet Services 1 Bieticaret Cms 2026-07-10 6.1 Medium
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Inrove Software and Internet Services BiEticaret allows Reflected XSS. This issue affects BiEticaret: before v3.3.57.
CVE-2026-5955 1 Inrove Software And Internet Services 1 Bieticaret Cms 2026-07-10 9.8 Critical
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Inrove Software and Internet Services BiEticaret allows SQL Injection. This issue affects BiEticaret: before v3.3.57.
CVE-2025-8350 1 Inrove Software And Internet Services 1 Bieticaret Cms 2026-06-05 9.8 Critical
Execution After Redirect (EAR), Missing Authentication for Critical Function vulnerability in Inrove Software and Internet Services BiEticaret CMS allows Authentication Bypass, HTTP Response Splitting. This issue affects BiEticaret CMS: from 2.1.13 through 19022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.