CVE-2026-5955
CRITICAL
9.8
CVSS 3.1
Description
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Inrove Software and Internet Services BiEticaret allows SQL Injection.
This issue affects BiEticaret: before v3.3.57.
Metadata
Severity & Metrics
9.8
CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SSVC — CISA Coordinator
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Inrove Software and Internet Services | BiEticaret | — | 0 < v3.3.57 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-89 | cna | CWE-89 Improper neutralization of special elements used in an SQL command ('SQL injection') |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 9.8 | CRITICAL | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |