CVE-2024-9286

high

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TRtek Software Distant Education Platform allows SQL Injection, Parameter Injection. This issue affects Distant Education Platform: before 3.2024.11.

References

https://www.usom.gov.tr/bildirim/tr-24-1649

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1649

Details

Source: Mitre, NVD

Published: 2024-10-09

Updated: 2026-06-02

00

CVSS v4

Base Score: 8.8

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Severity: High

EPSS

EPSS: 0.00129