CVE-2024-12097

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1050%

EPSS Percentile8.49th

PublishedMar 5, 2025

Last ModifiedJun 2, 2026

Vulnerability Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Boceksoft Informatics E-Travel allows SQL Injection. This issue affects E-Travel: before 15.12.2024.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0053

🔗 https://www.usom.gov.tr/bildirim/tr-25-0053

Related Vulnerabilities

CVE-2024-309410.0

Backdoor in upstream xz-utils package allows SSH remote code execution (XZ Utils backdoor). Malicious code was discovered in the u...

CVE-2024-1315210.0

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BSS Software Mobuy Online Ma...

CVE-2024-89509.9

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Arne Informatics Piramit Aut...

CVE-2024-56189.9

Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Ac...