CVE-2025-27268

Summary

CVE-2025-27268 is an SQL injection vulnerability affecting the Small Package Quotes – Worldwide Express Edition software from version n/a through 5.2.18. An attacker can exploit this issue by injecting malicious SQL commands into the application, potentially gaining unauthorized access to sensitive data or making unintended modifications to the database. The vulnerability occurs due to improper neutralization of special elements used in an SQL command. This type of attack is a common method used by cybercriminals to breach security systems and compromise data integrity. It is highly recommended that users upgrade to the latest version of the software to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.