CVE-2023-35065

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Osoft Paint Production Management allows SQL Injection. This issue affects Paint Production Management: before 2.1.

critical 9.8 CVSS 3.1

Published: Sep 5, 2023

Modified: May 22, 2026

Vendor: Osoft

Product: Dyeing - Printing - Finishing Production Management

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Osoft Paint Production Management allows SQL Injection.

This issue affects Paint Production Management: before 2.1.

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0490
https://www.usom.gov.tr/bildirim/tr-23-0490
https://www.usom.gov.tr/bildirim/tr-23-0490

CVSS Breakdown

Version	3.1
Score	9.8 / 10
Severity	critical

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness (CWE)

CWE-89

Affected Product

Vendor	Osoft
Product	Dyeing - Printing - Finishing Production Management