CVE-2023-2045 CRITICAL

CVE-2023-2045: SQLi in Ipekyolu Software's Auto Damage Tracking Software

Vendor Ipekyolu Software

Product Auto Damage Tracking Software

Weakness CWE-89 · SQLi

Published May 24, 2023

Last update May 22, 2026

View on NVD All CVEs

CVSS base score

9.8/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ipekyolu Software Auto Damage Tracking Software allows SQL Injection. This issue affects Auto Damage Tracking Software: before 4.

Key dates

02Disclosure timeline

May 24, 2023 CVE published

May 22, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-2045 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2025-22716 WordPress Taskbuilder Plugin <= 3.0.6 - SQL Injection vulnerability CVE-2023-1847 SourceCodester Online Payroll System attendance.php sql injection CVE-2023-0303 SourceCodester Online Food Ordering System view_prod.php sql injection CVE-2025-12594 code-projects Simple Online Hotel Reservation System add_account.php sql injection CVE-2012-10011 HD FLV PLayer Plugin functions.php hd_update_media sql injection