Path Traversal in Yordam BT’s Yordam Katalog_CVE-2025-10438

7.1 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Description

Path Traversal: 'dir/../../filename' vulnerability in Yordam Information Technology Consulting Education and Electrical Systems Industry Trade Inc. Yordam Katalog allows Path Traversal.This issue affects Yordam Katalog: before 21.7.

Basic Information

ID CVE-2025-10438

Source TR-CERT

Published Sep 25, 2025 at 09:18

Affected Product

Vendor Yordam Information Technology Consulting Education and Electrical Systems Industry Trade Inc.

Product Yordam Katalog

Affected Versions Yordam Information Technology Consulting Education and Electrical Systems Industry Trade Inc. Yordam Katalog 0

CWE Classification

CWE-27

References

www.usom.gov.tr /bildirim/tr-25-0296

{
    "lastseen": "",
    "description": "Path Traversal: 'dir/../../filename' vulnerability in Yordam Information Technology Consulting Education and Electrical Systems Industry Trade Inc. Yordam Katalog allows Path Traversal.This issue affects Yordam Katalog: before 21.7.",
    "published": "2025-09-25T09:18:44.444Z",
    "modified": "2025-09-25T09:18:44.444Z",
    "type": "cve",
    "title": "Path Traversal in Yordam BT's Yordam Katalog",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-25-0296",
    "id": "CVE-2025-10438",
    "bulletinFamily": "",
    "cwe": [
        "CWE-27"
    ],
    "cvelist": null,
    "sourceData": "Yordam Information Technology Consulting Education and Electrical Systems Industry Trade Inc. Yordam Katalog 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Yordam Katalog",
    "version": "0",
    "vendor": "Yordam Information Technology Consulting Education and Electrical Systems Industry Trade Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}