CVSS: 9.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6401 – SQLi in SFS Consulting's InsureE GL
https://notcve.org/view.php?id=CVE-2024-6401
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection.This issue affects InsureE GL: before 4.6.2. • https://www.usom.gov.tr/bildirim/tr-24-1475 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7104 – Remote Code Execution in SFS Consulting's ww.Winsure
https://notcve.org/view.php?id=CVE-2024-7104
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2. • https://www.usom.gov.tr/bildirim/tr-24-1475 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7098 – XML Injection in SFS Consulting's ww.Winsure
https://notcve.org/view.php?id=CVE-2024-7098
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2. • https://www.usom.gov.tr/bildirim/tr-24-1475 • CWE-611: Improper Restriction of XML External Entity Reference •