Back to overview

CVE-2026-8307

CRITICAL
9.8
CVSS 3.1
Description
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Webbeyaz Web Design Mediküm Web allows SQL Injection. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported.

Metadata

CVE ID
CVE-2026-8307
State
PUBLISHED
Assigner
TR-CERT
Reserved
2026-05-11 12:01 UTC
Published
2026-07-08 12:14 UTC
Last updated
2026-07-08 12:17 UTC
Primary CWE
CWE-89
CWE-89 Improper neutralization of special elements used in a…
Vendor / Product
Webbeyaz Web Design / Mediküm Web
Sources
cve.org  ·  NVD

Severity & Metrics

9.8 CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products (1)
VendorProductPlatformVersions
Webbeyaz Web Design Mediküm Web 0 ≤ 08072026
Weakness (CWE)
CWESourceDescription
CWE-89 cna CWE-89 Improper neutralization of special elements used in an SQL command ('SQL injection')
CVSS scores (1)
ScoreSeverityVersionSourceVector
9.8 CRITICAL 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Back to overview