SQL Injection Vulnerability in Moderec Tourtella Affects User Security
CVE-2025-4784

9.8CRITICAL

Key Information:

Vendor: Moderec
Status: Tourtella
Vendor: CVE Published:; 24 July 2025

What is CVE-2025-4784?

The Moderec Tourtella software is vulnerable to a SQL Injection attack due to improper neutralization of special elements used in SQL commands. This vulnerability allows attackers to manipulate SQL queries, potentially leading to unauthorized access to sensitive data within the database. It is essential for users of Tourtella to be aware of this issue, as it affects versions released before May 26, 2025, and take appropriate measures to secure their applications.

Affected Version(s)

Tourtella 0 < 26.05.2025

References

https://www.usom.gov.tr/bildirim/tr-25-0176

third-party-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 24, 2025
Vulnerability Reserved
May 15, 2025

Credit

Yasin Yasar

Yusuf Melih Daskiran