SQL Injection Vulnerability in Akilli Commerce E-Commerce Software
CVE-2025-11024

9.8CRITICAL

Key Information:

Vendor

Akilli Commerce Software Technologies Ltd. Co.

Status
E-commerce Website
Vendor
CVE Published:
14 May 2026

What is CVE-2025-11024?

A SQL injection vulnerability exists in the E-Commerce Website developed by Akilli Commerce Software Technologies Ltd. Co., enabling attackers to execute blind SQL injection commands. This security flaw can compromise sensitive database information, allowing unauthorized access and manipulation of data. Affected versions include those prior to 4.5.001, necessitating prompt updates to mitigate potential exploitation.

Affected Version(s)

E-Commerce Website 0 < 4.5.001

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/...
government-resource

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Berat ARSLAN
.