Description
Multiple SQL injection vulnerabilities in Ohesa Emlak Portali allow remote attackers to execute arbitrary SQL commands via the (1) Kategori parameter in satilik.asp and the (2) Emlak parameter in detay.asp.
Exploits (2)
References (7)
Core 7
Core References
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3319
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25880
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37408
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27033
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36877
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.org/0709-exploits/ohesa-sql.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37407
Scores
EPSS
0.0167
EPSS Percentile
82.2%
Details
CWE
CWE-89
Status
published
Products (1)
ohesa_emlak_portali/ohesa_emlak_portali
Published
Oct 03, 2007
Tracked Since
Feb 18, 2026