Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2025-11024: Akilli Commerce Website: Blind SQL Injection via Malformed SQL
CVE-2025-11024
Summary
Akilli Commerce's E-commerce website has a security flaw that allows attackers to manipulate database queries. This could lead to sensitive information being stolen or altered. Update to version 4.5.001 or later to fix this issue.
Original title
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection.
...
Original description
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection.
This issue affects E-Commerce Website: before 4.5.001.
This issue affects E-Commerce Website: before 4.5.001.
nvd CVSS3.1
9.8
Vulnerability type
CWE-89
SQL Injection
Published: 14 May 2026 · Updated: 23 May 2026 · First seen: 14 May 2026