Cbs Platform
Monthly
Remote SQL injection in MOSK Information Technologies CBS Platform (versions through 09062026) allows unauthenticated attackers to inject arbitrary SQL commands over the network without user interaction, yielding full confidentiality, integrity, and availability impact (CVSS 9.8). The vendor confirmed to TR-CERT that the product is no longer supported, so no official fix will be issued. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.
Remote SQL injection in MOSK Information Technologies CBS Platform (versions through 09062026) allows unauthenticated attackers to inject arbitrary SQL commands over the network without user interaction, yielding full confidentiality, integrity, and availability impact (CVSS 9.8). The vendor confirmed to TR-CERT that the product is no longer supported, so no official fix will be issued. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.