CVE-2023-6145 CRITICAL

CVE-2023-6145: SQLi in Softomi E-commerce Software

Vendor İstanbul Soft Informatics And Consultancy Limited Company
Product Softomi Advanced C2C Marketplace Software
Weakness CWE-89 · SQLi
Published December 21, 2023
Last update May 20, 2026
View on NVD All CVEs

CVSS base score

9.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in İstanbul Soft Informatics and Consultancy Limited Company Softomi Advanced C2C Marketplace Software allows SQL Injection. This issue affects Softomi Advanced C2C Marketplace Software: before 12122023.

Key dates

02Disclosure timeline

December 21, 2023 CVE published
May 20, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-11060 Jinher Network Collaborative Management Platform 金和数字化智能办公平台 AcceptShow.aspx sql injection CVE-2022-45786 Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection CVE-2025-60110 WordPress AllInOne - Banner Rotator Plugin <= 3.8 - SQL Injection Vulnerability CVE-2026-10203 OFCMS JSON Query SystemParamController.java query sql injection CVE-2013-10011 aeharding classroom-engagement-system sql injection