Tourtella
Monthly
SQL injection in Moderec Tourtella versions prior to 26.05.2025 allows remote unauthenticated attackers to manipulate backend database queries via crafted input, leading to full compromise of confidentiality, integrity, and availability. The flaw was reported through Turkey's national CERT (USOM) under advisory TR-25-0176 and carries a critical 9.8 CVSS score, though no public exploit identified at time of analysis and no EPSS score was provided.
SQL injection in Moderec Tourtella versions prior to 26.05.2025 allows remote unauthenticated attackers to manipulate backend database queries via crafted input, leading to full compromise of confidentiality, integrity, and availability. The flaw was reported through Turkey's national CERT (USOM) under advisory TR-25-0176 and carries a critical 9.8 CVSS score, though no public exploit identified at time of analysis and no EPSS score was provided.