CVE-2025-11959 | THREATINT

Description

Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk Information Technologies Inc. Excavation Management Information System allows Footprinting, Functionality Misuse.This issue affects Excavation Management Information System: before v.10.2025.01.

PUBLISHED Reserved 2025-10-20 | Published 2025-11-11 | Updated 2025-11-12 | Assigner TR-CERT

HIGH: 8.1CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-552 Files or Directories Accessible to External Parties

CWE-359 Exposure of Private Personal Information to an Unauthorized Actor

Product status

Default status

unaffected

Any version before v.10.2025.01

affected

Credits

İbrahim YİĞİTSOY finder

References

www.usom.gov.tr/bildirim/tr-25-0388

cve.org (CVE-2025-11959)

nvd.nist.gov (CVE-2025-11959)

Download JSON