Home / Vulnerability Intelligence / CVE-2025-11251

CVE-2025-11251 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: February 27, 2026

Dayneks Software Industry and Trade Inc. E-Commerce Platform - SQL Injection

Published: February 27, 2026Updated: February 27, 2026Remote Exploitable

Overview

Dayneks Software Industry and Trade Inc. E-Commerce Platform <= 27022026 contains an sql injection caused by improper neutralization of special elements in SQL commands, letting attackers execute arbitrary SQL queries remotely, exploit requires crafted input.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 1.4%(Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary SQL commands, leading to data disclosure, modification, or deletion.

Mitigation

Update to the latest version beyond 27022026.

References

https://www.usom.gov.tr/bildirim/tr-26-0084

Social Media Activity(1 post)

Security Land

@securityland

Mar 11, 2026

The OpenClaw autonomous AI agent has achieved explosive growth, but its rapid rise has triggered a major security crisis. China's MIIT and CNCERT have issued urgent warnings following the discovery of over 40,000 exposed instances of the software online. The highest density of these exposed instances was located in China, followed by the US and Singapore. Read More: https://www.security.land/china-openclaw-ai-security-alert-cve-2025-11251/ #SecurityLand #GeoSphere #China #OpenClaw #AI #SecurityVulnerability #CVE

View original post

Related Resources

Details

CVE ID: CVE-2025-11251
Severity: Critical
CVSS Score: 9.8
Type: sql_injection
Status: confirmed
EPSS: 1.4%
Social Posts: 1

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

1.4%Probability of exploitation in the next 30 days