Critical severity9.3NVD Advisory· Published Jan 27, 2025· Updated Apr 23, 2026
CVE-2025-24612
CVE-2025-24612
Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ihor Kit Shipping for Nova Poshta nova-poshta-ttn allows SQL Injection.This issue affects Shipping for Nova Poshta: from n/a through <= 1.19.6.
Affected products
1- Range: <= 1.19.6
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.