Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8112 matches found

EUVD
EUVDadded 2026/03/12 6:30 p.m.1 views

EUVD-2019-19800

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and...

8.8CVSS5.8AI score0.00201EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.2 views

EUVD-2019-19780

Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and...

8.8CVSS5.8AI score0.00201EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.2 views

EUVD-2019-19774

Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into the 'tur', 'id', and 'ozellikdil' parameters of the admin/index.php...

8.8CVSS5.9AI score0.00125EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.1 views

EUVD-2019-19790

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...

8.7CVSS5.8AI score0.00991EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.2 views

EUVD-2019-19798

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. Attackers can send POST requests to uyelik.php with crafted payloads in the option parameter to...

8.8CVSS6AI score0.00041EPSS
Exploits1References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.1 views

EUVD-2019-19770

iScripts ReserveLogic contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jqSearchDestination parameter. Attackers can send POST requests to the search endpoint with crafted SQL payloads to extract sensitiv...

8.8CVSS5.9AI score0.00123EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.1 views

EUVD-2019-19814

Netartmedia Jobs Portal 6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with crafted SQL payloads in the Email field to extract...

8.8CVSS5.9AI score0.00322EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.2 views

EUVD-2019-19768

Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. Attackers can send POST requests to the agents/agentlistdetails endpoint with malicious SQL payloads in the city paramete...

8.8CVSS5.9AI score0.00123EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/12 6:30 p.m.1 views

EUVD-2019-19796

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

8.8CVSS5.9AI score0.001EPSS
Exploits1References3
NVD
NVDadded 2026/03/12 6:16 p.m.0 views

CVE-2026-32137

Dataease is an open source data visualization analysis tool. Prior to 2.10.20, The table parameter for /de2api/datasource/previewData is directly concatenated into the SQL statement without any filtering or parameterization. Since tableName is a user-controllable string, attackers can inject...

9.3CVSS0.00073EPSS
Exploits1References1
CVE
CVEadded 2026/03/12 5:3 p.m.12 views

CVE-2026-31841

Hyperterse prior to v2.2.0 exposes raw SQL queries in search results, leaking statements intended to run covertly. Affects the Hyperterse tool-first MCP framework’s search component; vulnerability arises from returning executed-under-the-hood SQL alongside results. Impact per CVSS: Confidentialit...

6.5CVSS5.7AI score0.00043EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2026/03/12 4:16 p.m.2 views

CVE-2019-25534

Netartmedia PHP Car Dealer contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can submit POST requests to index.php with crafted SQL payloads in the features parameter...

8.8CVSS0.00123EPSS
Exploits0References2
NVD
NVDadded 2026/03/12 4:16 p.m.2 views

CVE-2019-25512

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive databa...

8.8CVSS0.00041EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/03/12 3:37 p.m.21 views

CVE-2019-25539 202CMS v10 beta SQL Injection via register.php

202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the loguser parameter. Attackers can send POST requests to index.php with crafted SQL payloads using time-based blind injection technique...

8.8CVSS0.00235EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/03/12 3:37 p.m.2 views

CVE-2019-25537

Netartmedia Event Portal 2.0 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with malicious SQL payloads in the Email...

8.8CVSS5.9AI score0.00123EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/03/12 3:37 p.m.5 views

CVE-2019-25529

Placeto CMS Alpha rv.4 contains an authenticated SQL injection vulnerability in the admin/edit.php endpoint via the page parameter. Attackers can craft GET requests to extract data using boolean-based blind, time-based blind, or union-based techniques without user interaction, with LOW privileges...

7.1CVSS5.9AI score0.00038EPSS
Exploits0References4
CVE
CVEadded 2026/03/12 3:36 p.m.6 views

CVE-2019-25525

CVE-2019-25525 affects Inout EasyRooms Ultimate Edition v1.0. The vulnerability is an SQL injection in the guests parameter that can be exploited via POST to the search/rentals endpoint, enabling unauthenticated attackers to bypass authentication and potentially extract or modify data. The provid...

9.1CVSS5.9AI score0.00263EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/03/12 3:36 p.m.2 views

CVE-2019-25522

XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through the photoid parameter. Attackers can send GET requests to photo.php with malicious photoid values to extract sensitive data, bypass...

8.8CVSS5.9AI score0.00263EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/03/12 3:36 p.m.1 views

CVE-2019-25519

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. Attackers can send POST requests to uyelik.php with crafted payloads in the option parameter to...

8.8CVSS6AI score0.00041EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/03/12 3:36 p.m.20 views

CVE-2019-25518 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via arama.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

8.8CVSS0.001EPSS
Exploits1References2
Rows per page
Query Builder