CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/03/12 6:30 p.m.•2 views

EUVD-2019-19788

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive data...

8.8CVSS5.9AI score0.00128EPSS

EUVD•added 2026/03/12 6:30 p.m.•1 views

EUVD-2019-19780

Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and...

8.8CVSS5.8AI score0.00201EPSS

EUVD•added 2026/03/12 6:30 p.m.•1 views

EUVD-2019-19798

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. Attackers can send POST requests to uyelik.php with crafted payloads in the option parameter to...

8.8CVSS6AI score0.00041EPSS

EUVD•added 2026/03/12 6:30 p.m.•3 views

EUVD-2019-19786

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

8.8CVSS5.9AI score0.0041EPSS

EUVD•added 2026/03/12 6:30 p.m.•0 views

EUVD-2019-19796

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

8.8CVSS5.9AI score0.001EPSS

EUVD•added 2026/03/12 6:30 p.m.•2 views

EUVD-2019-19782

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...

8.8CVSS5.9AI score0.001EPSS

CVE-2019-25520

9.8CVSS0.00201EPSS

CVE-2019-25519

8.8CVSS0.00041EPSS

CVE-2019-25516

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...

8.8CVSS0.001EPSS

CVE-2019-25518

8.8CVSS0.001EPSS

NVD•added 2026/03/12 4:16 p.m.•2 views

CVE-2019-25515

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...

9.8CVSS0.00991EPSS

CVE-2019-25514

9.8CVSS0.00128EPSS

CVE-2019-25510

9.8CVSS0.00201EPSS

NVD•added 2026/03/12 4:16 p.m.•2 views

CVE-2019-25512

8.8CVSS0.00041EPSS

CVE-2019-25511

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...

8.8CVSS0.001EPSS