Lucene search
K

5 matches found

EUVD
EUVD
added 2026/04/12 3:30 p.m.7 views

EUVD-2019-20149

MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegrouptotal parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind...

7.1CVSS6.2AI score0.00276EPSS
Exploits1References5
NVD
NVD
added 2026/04/12 1:16 p.m.4 views

CVE-2019-25713

MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegrouptotal parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind...

8.1CVSS0.00276EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/12 12:28 p.m.3 views

CVE-2019-25713 MyT-PM 1.5.1 SQL Injection via Charge[group_total] Parameter

MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegrouptotal parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind...

7.1CVSS6.2AI score0.00276EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/12 12:28 p.m.31 views

CVE-2019-25713 MyT-PM 1.5.1 SQL Injection via Charge[group_total] Parameter

MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Chargegrouptotal parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind...

7.1CVSS0.00276EPSS
Exploits1References4
CVE
CVE
added 2026/04/12 12:28 p.m.10 views

CVE-2019-25713

MyT-PM 1.5.1 is affected by an SQL injection vulnerability reachable via the Charge[group_total] parameter in POST requests to /charge/admin. The issue allows authenticated attackers to execute arbitrary SQL queries, using error-based, time-based blind, or stacked query payloads to extract data o...

8.1CVSS6.2AI score0.00276EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder