SQL Injection Vulnerability in Farktor E-Commerce Package by Farktor Software
CVE-2025-10969

9.8CRITICAL

Key Information:

Vendor: Farktor Software E-commerce Services Inc.
Status: E-commerce Package
Vendor: CVE Published:; 12 February 2026

🔔 Create Farktor Software E-commerce Services Inc. Vulnerability Alert

What is CVE-2025-10969?

A serious SQL Injection vulnerability has been identified in the E-Commerce Package from Farktor Software. This flaw allows attackers to execute SQL commands through improper handling of user input, facilitating unauthorized access to sensitive database information via Blind SQL Injection. Affected users are strongly advised to take immediate action to secure their applications and prevent potential exploitation.

Affected Version(s)

E-Commerce Package 0 <= 27112025

References

https://www.usom.gov.tr/bildirim/tr-26-0063

third-party-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2026
Vulnerability Reserved
Sep 25, 2025

Credit

Berat ARSLAN

CVE-2025-10969 Data

JSON