SQL Injection Vulnerability in BGS Interactive SINAV.LINK Exam Result Module
CVE-2025-4688

9.8CRITICAL

Key Information:

Vendor: Bgs Interactive
Status: Sinav.link Exam Result Module
Vendor: CVE Published:; 16 September 2025

🔔 Create Bgs Interactive Vulnerability Alert

What is CVE-2025-4688?

The SINAV.LINK Exam Result Module from BGS Interactive is susceptible to SQL Injection due to improper neutralization of special elements in SQL commands. This vulnerability enables attackers to manipulate SQL queries, potentially allowing them to exfiltrate sensitive data or execute unauthorized commands on the database. It is crucial for users to ensure they are utilizing versions 1.2 or later to mitigate the risks associated with this security issue.

Affected Version(s)

SINAV.LINK Exam Result Module 0 < 1.2

References

https://www.usom.gov.tr/bildirim/tr-25-0252

third-party-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
May 14, 2025

Credit

Hasan Yasin Yasar