MidnightBSD

Advisories for talyabilisim

CVE-2024-1107

Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel APPS: before v17.0.68.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
iletisim@usom.gov.tr 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
talyabilisim travel_apps *
CVE-2024-1153

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel APPS: before v17.0.68.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
iletisim@usom.gov.tr 4.3 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 0.7 3.6

Products Affected

Vendor Product Version
talyabilisim travel_apps *