SQLi in RiskTurk’s Treasury Management Software_CVE-2025-1929

7.2 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection.This issue affects Reel Sektör Hazine ve Risk Yönetimi Yazılımı: through 1.0.0.4.

Basic Information

ID CVE-2025-1929

Source TR-CERT

Published Aug 15, 2025 at 12:06

Affected Product

Vendor Risk Yazılım Teknolojileri Ltd. Şti.

Product Reel Sektör Hazine ve Risk Yönetimi Yazılımı

Affected Versions Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı 0

CWE Classification

CWE-89

References

www.usom.gov.tr /bildirim/tr-25-0198

{
    "lastseen": "",
    "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Risk Yaz\u0131l\u0131m Teknolojileri Ltd. \u015eti. Reel Sekt\u00f6r Hazine ve Risk Y\u00f6netimi Yaz\u0131l\u0131m\u0131 allows SQL Injection, CAPEC - 7 - Blind SQL Injection.This issue affects Reel Sekt\u00f6r Hazine ve Risk Y\u00f6netimi Yaz\u0131l\u0131m\u0131: through 1.0.0.4.",
    "published": "2025-08-15T12:06:43.436Z",
    "modified": "2025-08-15T12:06:43.436Z",
    "type": "cve",
    "title": "SQLi in RiskTurk's Treasury Management Software",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-25-0198",
    "id": "CVE-2025-1929",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Risk Yaz\u0131l\u0131m Teknolojileri Ltd. \u015eti. Reel Sekt\u00f6r Hazine ve Risk Y\u00f6netimi Yaz\u0131l\u0131m\u0131 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.2,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Reel Sekt\u00f6r Hazine ve Risk Y\u00f6netimi Yaz\u0131l\u0131m\u0131",
    "version": "0",
    "vendor": "Risk Yaz\u0131l\u0131m Teknolojileri Ltd. \u015eti.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}