sahici

9 exploits Active since May 2025
CVE-2025-5329 NOMISEC CRITICAL STUB
Martcode Software Inc. Delta Course Automation through 04022026 <4.02.2026 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Martcode Software Inc. Delta Course Automation allows SQL Injection.This issue affects Delta Course Automation: through 04022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 9.8
CVE-2025-4784 NOMISEC CRITICAL
Moderec Tourtella < 26.05.2025 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Moderec Tourtella allows SQL Injection.This issue affects Tourtella: before 26.05.2025.
CVSS 9.8
CVE-2025-4822 NOMISEC CRITICAL STUB
ScadaWatt Otopilot <27.05.2025 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bayraktar Solar Energies ScadaWatt Otopilot allows SQL Injection.This issue affects ScadaWatt Otopilot: before 27.05.2025.
CVSS 9.8
CVE-2025-5319 NOMISEC CRITICAL STUB
DIGITA Efficiency Management System <03022026 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. DIGITA Efficiency Management System allows SQL Injection.This issue affects DIGITA Efficiency Management System: through 03022026.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 9.8
CVE-2025-4686 NOMISEC HIGH STUB
Kodmatic Online Exam and Assessment through 30012026 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co. Online Exam and Assessment allows SQL Injection.This issue affects Online Exam and Assessment: through 30012026.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 8.6
CVE-2025-4688 NOMISEC CRITICAL STUB
BGS Interactive SINAV.LINK <1.2 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BGS Interactive SINAV.LINK Exam Result Module allows SQL Injection.This issue affects SINAV.LINK Exam Result Module: before 1.2.
CVSS 9.8
CVE-2025-2404 NOMISEC MEDIUM STUB
Ubit STOYS <20250916 - XSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ubit Information Technologies STOYS allows Cross-Site Scripting (XSS).This issue affects STOYS: from 2 before 20250916.
CVSS 4.3
CVE-2025-2812 NOMISEC CRITICAL WORKING POC
Mydata Ticket Sales Automation < 2025-04-03 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection.This issue affects Ticket Sales Automation: before 03.04.2025 (DD.MM.YYYY).
CVSS 9.8
CVE-2025-2301 NOMISEC MEDIUM STUB
Akbim Software Online Exam Registration <14.03.2025 - Auth Bypass
Authorization Bypass Through User-Controlled Key vulnerability in Akbim Software Online Exam Registration allows Exploitation of Trusted Identifiers.This issue affects Online Exam Registration: before 14.03.2025.
CVSS 4.4