CVE-2025-2812

Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection.

This issue affects Ticket Sales Automation: before 03.04.2025 (DD.MM.YYYY).

Affected Software

VendorProductVersion RangeStatus
Mydata InformaticsTicket Sales Automation0 < 03.04.2025 (DD.MM.YYYY)affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References