CVE-2024-8972: SQLi in Mobil365 Informatics' Saha365 App

9.8 CVSS

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mobil365 Informatics Saha365 App allows SQL Injection.This issue affects Saha365 App: before 30.09.2024.

Classification

CVE ID: CVE-2024-8972

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.8

Affected Products

Vendor: Mobil365 Informatics

Product: Saha365 App

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.09% (probability of being exploited)

EPSS Percentile: 40.72% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://www.usom.gov.tr/bildirim/tr-24-1890

Timeline

2024-12-18 00:30:46 UTC
CVE

SQLi in Mobil365 Informatics' Saha365 App