MidnightBSD

Advisories for arslansoft_education_portal_project

CVE-2023-5634

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ArslanSoft Education Portal allows SQL Injection.This issue affects Education Portal: before v1.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
iletisim@usom.gov.tr 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
arslansoft_education_portal_project arslansoft_education_portal *
CVE-2023-5635

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting.This issue affects Education Portal: before v1.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
iletisim@usom.gov.tr 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
arslansoft_education_portal_project arslansoft_education_portal *
CVE-2023-5636

Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection.This issue affects Education Portal: before v1.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
iletisim@usom.gov.tr 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
arslansoft_education_portal_project arslansoft_education_portal *
CVE-2023-5637

Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable.This issue affects Education Portal: before v1.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
iletisim@usom.gov.tr 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
arslansoft_education_portal_project arslansoft_education_portal *