SQLi in SFS Winsure_CVE-2025-10610

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting Information Processing Industry and Foreign Trade Inc. Winsure allows Blind SQL Injection.This issue affects Winsure: through Version dated 21.08.2025.

AI Analysis

AI processing failed - returned non-JSON response

Basic Information

ID CVE-2025-10610

Source TR-CERT

Published Oct 14, 2025 at 12:43

Modified Oct 14, 2025 at 13:12

Affected Product

Vendor SFS Consulting Information Processing Industry and Foreign Trade Inc.

Product Winsure

Affected Versions SFS Consulting Information Processing Industry and Foreign Trade Inc. Winsure 0

CWE Classification

CWE-89

References

www.usom.gov.tr /bildirim/tr-25-0337

{
    "lastseen": "",
    "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting Information Processing Industry and Foreign Trade Inc. Winsure allows Blind SQL Injection.This issue affects Winsure: through Version dated 21.08.2025.",
    "published": "2025-10-14T12:43:37.800Z",
    "modified": "2025-10-14T13:12:26.765Z",
    "type": "cve",
    "title": "SQLi in SFS Winsure",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-25-0337",
    "id": "CVE-2025-10610",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "SFS Consulting Information Processing Industry and Foreign Trade Inc. Winsure 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Winsure",
    "version": "0",
    "vendor": "SFS Consulting Information Processing Industry and Foreign Trade Inc.",
    "ai_description": "AI processing failed - returned non-JSON response",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}