Blind SQL injection in Abis Technology BAPSIS versions prior to 202510271606 allows unauthenticated remote attackers to manipulate backend database queries over the network with no user interaction. The CVSS 9.8 rating reflects full compromise of confidentiality, integrity, and availability, though EPSS remains very low at 0.04% (13th percentile) and no public exploit identified at time of analysis. Disclosure originates from Turkey's national CERT (USOM), suggesting regional product exposure rather than mass-market footprint.
SQLi
NVD
VulDB
CVSS 3.1
9.8
EPSS
0.0%