Skip to main content
CVE-2025-6520 CRITICAL Act Now

Blind SQL injection in Abis Technology BAPSIS versions prior to 202510271606 allows unauthenticated remote attackers to manipulate backend database queries over the network with no user interaction. The CVSS 9.8 rating reflects full compromise of confidentiality, integrity, and availability, though EPSS remains very low at 0.04% (13th percentile) and no public exploit identified at time of analysis. Disclosure originates from Turkey's national CERT (USOM), suggesting regional product exposure rather than mass-market footprint.

SQLi
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy