CVE-2026-7486
CriticalCVSS 9.8Summary
There is an SQL injection vulnerability in Netcad Software Inc. E-İmar due to improper neutralization of special elements used in SQL commands. This issue affects E-İmar from version 2.10.1.0 to before 3.0.2.
Risk Assessment
Exploitation of this vulnerability may lead to unauthorized access to the database and exposure of sensitive information. Organizations may face serious legal and financial consequences.
Recommendation
It is recommended to update E-İmar software to version 3.0.2 or later to mitigate this vulnerability. Additionally, conducting a security audit of the application is advisable.
Original NVD description (English source)
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Netcad Software Inc. E-İmar allows SQL Injection. This issue affects E-İmar: from 2.10.1.0 before 3.0.2.

