CVE-2023-6151 – Information Disclosure in Eskom E-municipality
https://notcve.org/view.php?id=CVE-2023-6151
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105. Una vulnerabilidad de gestión de privilegios inadecuada en el módulo de e-municipality ESKOM Computer permite recopilar datos proporcionados por los usuarios. Este problema afecta al módulo de e-municipality: anterior a v.105. Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105. • https://www.usom.gov.tr/bildirim/tr-23-0664 • CWE-269: Improper Privilege Management CWE-648: Incorrect Use of Privileged APIs •
CVE-2023-6150 – Information Disclosure in Eskom E-municipality
https://notcve.org/view.php?id=CVE-2023-6150
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105. Una vulnerabilidad de gestión de privilegios inadecuada en el módulo de e-municipality ESKOM Computer permite recopilar datos proporcionados por los usuarios. Este problema afecta al módulo de e-municipality: anterior a v.105. Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105. • https://www.usom.gov.tr/bildirim/tr-23-0664 • CWE-269: Improper Privilege Management CWE-648: Incorrect Use of Privileged APIs •
CVE-2023-1863 – SQLi in Eskom Computer Water Metering Software
https://notcve.org/view.php?id=CVE-2023-1863
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eskom Water Metering Software allows Command Line Execution through SQL Injection.This issue affects Water Metering Software: before 23.04.06. • https://www.usom.gov.tr/bildirim/tr-23-0225 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-1114 – Improper Input Validation on e-Belediye
https://notcve.org/view.php?id=CVE-2023-1114
Missing Authorization vulnerability in Eskom e-Belediye allows Information Elicitation.This issue affects e-Belediye: from 1.0.0.95 before 1.0.0.100. • https://www.usom.gov.tr/bildirim/tr-23-0113-2 • CWE-862: Missing Authorization •