3 matches found
CVE-2019-25516
The CVE-2019-25516 entry describes an SQL injection in Jettweb PHP Hazir Haber Sitesi Scripti V1, exploitable via GET requests to gallery.php with a malicious gallery_id (UNION-based) allowing unauthenticated data extraction. Metrics indicate CVSS v3.1 base score 8.2 (HIGH) and CVSS v4.0 base sco...
CVE-2019-25516 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via gallery.php
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...
PT-2026-24976
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gallery id parameter. Attackers can send GET requests to gallery.php with malicious gallery id values using...