CVE-2024-7078

CRITICAL

Semtek Sempos <= 31072024 - SQL Injection

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows SQL Injection. This issue affects Semtek Sempos: through 31072024.

References (2)

Core 2
Core References
Broken Link, Third Party Advisory government-resource broken-link
https://www.usom.gov.tr/bildirim/tr-24-1396

Scores

CVSS v3 9.8
EPSS 0.0046
EPSS Percentile 37.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (2)
Semtek Informatics Software Consulting Inc./Semtek Sempos < 31072024
semtekyazilim/semtek_sempos < 31072024
Published Sep 04, 2024
Tracked Since Feb 18, 2026