CVE-2024-13151

9.8 CRITICAL

CWE - 89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ESBI Information and Tel...

Published: 2025-09-18 · Last updated: 2026-06-01

Severity and scoring

CVSS: 9.8 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

CWE - 89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ESBI Information and Telecommunication Industry and Trade Limited Company Auto Service Software allows SQL Injection. This issue affects Auto Service Software: before v.2025.10.01.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2024-13151
[Other]https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0273
[Other]https://www.usom.gov.tr/bildirim/tr-25-0273