Lucene search
+L

21 matches found

EUVD
EUVD
added 2026/03/12 6:30 p.m.7 views

EUVD-2019-19786

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

8.8CVSS5.9AI score0.00564EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/12 6:30 p.m.5 views

EUVD-2019-19782

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...

8.8CVSS5.9AI score0.00369EPSS
Exploits1References3
NVD
NVD
added 2026/03/12 4:16 p.m.5 views

CVE-2019-25518

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

8.8CVSS0.0036EPSS
Exploits1References2
NVD
NVD
added 2026/03/12 4:16 p.m.5 views

CVE-2019-25516

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...

8.8CVSS0.00439EPSS
Exploits1References2
NVD
NVD
added 2026/03/12 4:16 p.m.4 views

CVE-2019-25519

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. Attackers can send POST requests to uyelik.php with crafted payloads in the option parameter to...

8.8CVSS0.00265EPSS
Exploits1References2
NVD
NVD
added 2026/03/12 4:16 p.m.6 views

CVE-2019-25520

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and...

9.8CVSS0.00432EPSS
Exploits1References2
NVD
NVD
added 2026/03/12 4:16 p.m.7 views

CVE-2019-25514

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive data...

9.8CVSS0.00512EPSS
Exploits1References2
NVD
NVD
added 2026/03/12 4:16 p.m.5 views

CVE-2019-25511

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...

8.8CVSS0.00369EPSS
Exploits1References2
CVE
CVE
added 2026/03/12 3:36 p.m.11 views

CVE-2019-25520

CVE-2019-25520 affects Jettweb PHP Hazir Haber Sitesi Scripti V1. The administrative login in admingiris.php is vulnerable to authentication bypass via improper SQL query validation, enabling unauthenticated attackers to bypass login and access the admin interface. Attackers can submit SQL inject...

9.8CVSS5.8AI score0.00432EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.5 views

CVE-2019-25520

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and...

8.8CVSS5.8AI score0.00432EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.3 views

CVE-2019-25519

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. Attackers can send POST requests to uyelik.php with crafted payloads in the option parameter to...

8.8CVSS6AI score0.00265EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25518

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

8.8CVSS5.9AI score0.0036EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/12 3:36 p.m.11 views

CVE-2019-25518

CVE-2019-25518 affects Jettweb PHP Hazir Haber Sitesi Scripti V1. An SQL injection flaw lets unauthenticated attackers inject SQL via the poll parameter in arama.php, enabling extraction or modification of database data. Root cause is unsafely constructed queries exposed to user input. Impact—hig...

8.8CVSS5.9AI score0.0036EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/12 3:36 p.m.10 views

CVE-2019-25517

The CVE covers Jettweb PHP Hazir Haber Sitesi Scripti V1 with an SQL injection vulnerability in the haberarsiv.php script. The vulnerability is triggered via the cid parameter, allowing unauthenticated attackers to perform UNION-based injections to extract sensitive database information or modify...

8.8CVSS5.9AI score0.00451EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25516 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via gallery.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...

8.8CVSS5.9AI score0.00439EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.4 views

CVE-2019-25513 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection via datagetir.php

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

8.8CVSS5.9AI score0.00564EPSS
Exploits1References2
CVE
CVE
added 2026/03/12 3:36 p.m.11 views

CVE-2019-25512

CVE-2019-25512 affects Jettweb PHP Hazir Haber Sitesi Scripti V3. The vulnerability is an SQL injection exploitable through the kelime parameter in POST requests, allowing UNION-based payloads to extract or modify database contents. The reports indicate a NETWORK attack vector with LOW complexity...

8.8CVSS5.9AI score0.00331EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.25 views

CVE-2019-25511 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...

8.8CVSS0.00369EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25488 Jettweb Hazir Rent A Car Scripti V4 SQL Injection via admin

Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into the 'tur', 'id', and 'ozellikdil' parameters of the admin/index.php...

8.8CVSS6AI score0.00411EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.10 views

PT-2026-24975

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...

8.7CVSS5.8AI score0.01089EPSS
Exploits1References3
Rows per page
Query Builder