CVE-2025-5319

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-5319
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. DIGITA Efficiency Management System allows SQL Injection. This issue affects DIGITA Efficiency Management System: through 03022026.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0016
https://www.usom.gov.tr/bildirim/tr-26-0016
Configurations

No configuration.

History

05 Jun 2026, 15:16

Type Values Removed Values Added
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. DIGITA Efficiency Management System allows SQL Injection.This issue affects DIGITA Efficiency Management System: through 03022026.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. DIGITA Efficiency Management System allows SQL Injection. This issue affects DIGITA Efficiency Management System: through 03022026.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
  • () https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0016 -

15 Apr 2026, 00:35

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de Neutralización Incorrecta de Elementos Especiales utilizados en un Comando SQL ('Inyección SQL') en el Sistema de Gestión de Eficiencia DIGITA de Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. permite la inyección SQL. Este problema afecta al Sistema de Gestión de Eficiencia DIGITA: hasta el 03022026. NOTA: Se contactó al proveedor con antelación sobre esta divulgación, pero no respondió de ninguna manera.

04 Feb 2026, 08:16

Type Values Removed Values Added
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Information and Communication Technologies Industry and Trade Ltd. Co. Efficiency Management System allows SQL Injection.This issue affects Efficiency Management System: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. DIGITA Efficiency Management System allows SQL Injection.This issue affects DIGITA Efficiency Management System: through 03022026.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

03 Feb 2026, 15:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-03 15:16

Updated : 2026-06-05 15:16

NVD link : CVE-2025-5319

Mitre link : CVE-2025-5319

CVE.ORG link : CVE-2025-5319

JSON object : View

Products Affected

No product.

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')