CVE-2025-5319

CRITICAL

DIGITA Efficiency Management System <03022026 - SQL Injection

Title source: llm

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. DIGITA Efficiency Management System allows SQL Injection.This issue affects DIGITA Efficiency Management System: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

nomisec STUB

by sahici · poc

https://github.com/sahici/CVE-2025-5319

View Code ZIP pw:eip

References (1)

[Third Party Advisory, US Government Resource] https://www.usom.gov.tr/bildirim/tr-26-0016

Scores

CVSS v3 9.8

EPSS 0.0002

EPSS Percentile 3.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-89

Status published

Products (1)

Emit Informatics and Communication Technologies Industry and Trade Ltd. Co./DIGITA Efficiency Management System < 03022026

Published Feb 03, 2026

Tracked Since Feb 18, 2026