SQL Injection Vulnerability in Arma Store Armalife Affects Multiple Versions
CVE-2024-13149

9.8CRITICAL

Key Information:

Vendor: Arma Store
Status: Armalife
Vendor: CVE Published:; 16 September 2025

What is CVE-2024-13149?

The vulnerability in Arma Store's Armalife allows for SQL Injection due to improper neutralization of special elements in SQL commands. This flaw enables unauthorized actors to extract sensitive information, exposing users to potential data breaches. As of now, the vendor has not provided updates on the remediation process, leaving affected users at risk until a fix is implemented.

Affected Version(s)

Armalife 0 <= 20250916

References

https://www.usom.gov.tr/bildirim/tr-25-0258

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Jan 6, 2025

Credit

Mustafa GÜNEL