Vendor
WebOfisi E-Ticaret 4.0 is vulnerable to SQL injection via the 'urun' GET parameter, allowing unauthenticated attackers to manipulate database queries and execute various SQL injection attacks.