📄 Description (English)
Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into parameters like emlak_durumu, emlak_tipi, il, ilce, kelime, and semt to extract sensitive database information or perform time-based blind SQL injection attacks.
🤖 AI Executive Summary
Web Ofisi Emlak V2 contains critical unauthenticated SQL injection vulnerabilities in multiple GET parameters that allow attackers to extract sensitive database information or perform blind SQL injection attacks. With CVSS 8.2 and publicly available exploits, this poses an immediate threat to organizations using this real estate management system. Urgent patching is required to prevent unauthorized database access and potential data exfiltration.
📄 Description (Arabic)
🤖 AI Intelligence Analysis Analyzed: Apr 25, 2026 06:37
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily impacts Saudi real estate companies, property management firms, and government agencies using Web Ofisi Emlak for property listings and management. High-risk sectors include: Real Estate/Property Management companies, Government Housing Authorities (e.g., under Ministry of Housing), Municipal Corporations managing property records, and Financial Institutions offering real estate financing. Attackers could extract sensitive property data, owner information, transaction records, and financial details stored in the database, leading to privacy breaches and potential fraud.
🏢 Affected Saudi Sectors
Real Estate and Property Management
Government Housing and Municipal Authorities
Financial Services (Real Estate Financing)
Insurance (Property Insurance)
Telecommunications (if used for property-related services)
🎯 MITRE ATT&CK Techniques
⚖️ Saudi Risk Score (AI)
8.5
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all instances of Web Ofisi Emlak V2 in your environment and isolate affected systems from production if possible
2. Implement Web Application Firewall (WAF) rules to block SQL injection patterns in GET parameters (emlak_durumu, emlak_tipi, il, ilce, kelime, semt)
3. Enable database query logging and monitor for suspicious SQL patterns
4. Review database access logs for unauthorized queries executed in the past 30 days
PATCHING:
5. Upgrade Web Ofisi Emlak to version 2.0.1 or later immediately
6. Test patches in a non-production environment before deployment
7. Apply patches during a maintenance window with minimal business impact
COMPENSATING CONTROLS (if patching delayed):
8. Implement input validation and parameterized queries at the application level
9. Restrict database user permissions to minimum required privileges
10. Disable direct database access from web application servers
11. Implement rate limiting on affected endpoints
DETECTION:
12. Deploy IDS/IPS signatures for SQL injection attempts
13. Monitor for: UNION-based queries, time-based delays (SLEEP, BENCHMARK), error-based SQL patterns
14. Alert on: Multiple failed queries, unusual database connection patterns, data exfiltration attempts
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. حدد جميع نسخ Web Ofisi Emlak V2 في بيئتك وعزل الأنظمة المتأثرة عن الإنتاج إن أمكن
2. طبق قواعد جدار حماية تطبيقات الويب (WAF) لحجب أنماط حقن SQL في معاملات GET
3. فعّل تسجيل استعلامات قاعدة البيانات ومراقبة الأنماط المريبة
4. راجع سجلات الوصول إلى قاعدة البيانات للاستعلامات غير المصرح بها في آخر 30 يوماً
التصحيح:
5. ارقِ Web Ofisi Emlak إلى الإصدار 2.0.1 أو أحدث فوراً
6. اختبر التصحيحات في بيئة غير إنتاجية قبل النشر
7. طبق التصحيحات خلال نافذة صيانة بأقل تأثير على العمل
الضوابط البديلة (إذا تأخر التصحيح):
8. طبق التحقق من صحة المدخلات والاستعلامات المعاملة على مستوى التطبيق
9. قيّد أذونات مستخدم قاعدة البيانات للحد الأدنى المطلوب
10. عطّل الوصول المباشر إلى قاعدة البيانات من خوادم تطبيقات الويب
11. طبق تحديد معدل على نقاط النهاية المتأثرة
الكشف:
12. نشّر توقيعات IDS/IPS لمحاولات حقن SQL
13. راقب: استعلامات UNION، التأخيرات المستندة إلى الوقت، أنماط SQL القائمة على الأخطاء
14. أصدر تنبيهات عند: استعلامات متعددة فاشلة، أنماط اتصال قاعدة بيانات غير عادية، محاولات تسرب البيانات
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
A.14.2.1 - Secure development policy and procedures
A.14.2.5 - Secure development environment
A.12.6.1 - Management of technical vulnerabilities
A.12.2.1 - Monitoring of system use
🔵 SAMA CSF
ID.RA-1 - Asset management and vulnerability identification
PR.DS-6 - Data protection and integrity
DE.CM-1 - Detection and analysis of anomalies
RS.MI-1 - Incident response and mitigation
🟡 ISO 27001:2022
A.12.6.1 - Management of technical vulnerabilities
A.14.2.1 - Secure development policy
A.13.1.3 - Segregation of networks
A.12.4.1 - Event logging
🟣 PCI DSS v4.0.1
6.2 - Security patches and updates
6.5.1 - Injection flaws prevention
10.2 - User access logging
11.2 - Vulnerability scanning
🔗 References & Sources 3
📦 Affected Products / CPE 1 entries
web-ofisi:emlak:2.0.0