CVE-2023-6145
CRITICALSoftomi Advanced C2C Marketplace <12122023 - SQL Injection
Title source: llmDescription
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in İstanbul Soft Informatics and Consultancy Limited Company Softomi Advanced C2C Marketplace Software allows SQL Injection. This issue affects Softomi Advanced C2C Marketplace Software: before 12122023.
References (2)
Core 2
Core References
Third Party Advisory government-resource
broken-link
https://www.usom.gov.tr/bildirim/tr-23-0724
Government Resource government-resource
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0724
Scores
CVSS v3
9.8
EPSS
0.0052
EPSS Percentile
40.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (2)
İstanbul Soft Informatics and Consultancy Limited Company/Softomi Advanced C2C Marketplace Software
< 12122023
softomi/advanced_c2c_marketplace_software
< 12122023
Published
Dec 21, 2023
Tracked Since
Feb 18, 2026