Time-Based Blind SQLi in Tumeva Internet Technologies’ Tumeva News Software

8.6 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva News Software allows SQL Injection.This issue affects Tumeva News Software: through 17022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

SQL Injection vulnerability in Tumeva News Software through version 17022026

Basic Information

ID CVE-2025-7631

Source TR-CERT

Published Feb 17, 2026 at 11:36

Affected Product

Vendor Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co.

Product Tumeva News Software

Affected Versions Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva News Software 0

CWE Classification

CWE-89

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor Tumeva Internet Technologies

Product Tumeva News Software

Version through 17022026

References

www.usom.gov.tr /bildirim/tr-26-0067

{
    "lastseen": "",
    "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva News Software allows SQL Injection.This issue affects Tumeva News Software: through 17022026.\u00a0NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-02-17T11:36:50.587Z",
    "modified": "2026-02-17T11:36:50.587Z",
    "type": "cve",
    "title": "Time-Based Blind SQLi in Tumeva Internet Technologies' Tumeva News Software",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-26-0067",
    "id": "CVE-2025-7631",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co. Tumeva News Software 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Tumeva News Software",
    "version": "0",
    "vendor": "Tumeva Internet Technologies Software Information Advertising and Consulting Services Trade Ltd. Co.",
    "ai_description": "SQL Injection vulnerability in Tumeva News Software through version 17022026",
    "ai_severity": "High",
    "ai_vendor": "Tumeva Internet Technologies",
    "ai_product": "Tumeva News Software",
    "ai_version": "through 17022026",
    "ai_score": 8.6
}

Time-Based Blind SQLi in Tumeva Internet Technologies’ Tumeva News Software_CVE-2025-7631