CVE-2025-6520

CRITICAL9.8Injection

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Abis Technology BAPSIS allows Blind SQL Injection. This issue affects BAPSIS: before 202510271606.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Abis Technology / BAPSIS0 – 202510271606

References

MISChttps://www.usom.gov.tr/bildirim/tr-25-0365
MISChttps://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0365