CVE Catalog

CVE-2026-4321

CriticalCVSS 9.8
Published: Translated: NVD NIST

Summary

An SQL injection vulnerability in Destekz by Raera - Ankara Web Design and Digital Advertising Agency allows an attacker to inject malicious SQL code. The issue affects all versions up to 02062026. The vendor confirmed the product is no longer supported.

Risk Assessment

An attacker can gain unauthorized access to the database, steal or modify sensitive data, and potentially take over the server.

Recommendation

Immediately stop using Destekz and replace it with a supported solution. If not possible, isolate the system from the network and apply WAF rules to block SQL injection attacks.

Original NVD description (English source)

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows SQL Injection. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the product is not supported.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS