Lucene search
+L

5 matches found

EUVD
EUVD
added 2026/03/12 6:30 p.m.5 views

EUVD-2019-19766

Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST requests to the monthlyexpenseoverview endpoint with crafted month values using boolean-based blind,...

7.1CVSS5.9AI score0.00323EPSS
Exploits0References3
NVD
NVD
added 2026/03/12 4:16 p.m.7 views

CVE-2019-25473

Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST requests to the monthlyexpenseoverview endpoint with crafted month values using boolean-based blind,...

7.1CVSS0.00323EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.4 views

CVE-2019-25473

Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST requests to the monthlyexpenseoverview endpoint with crafted month values using boolean-based blind,...

7.1CVSS5.9AI score0.00323EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.4 views

CVE-2019-25473 Clinic Pro SQL Injection via monthly_expense_overview month Parameter

Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST requests to the monthlyexpenseoverview endpoint with crafted month values using boolean-based blind,...

7.1CVSS6AI score0.00323EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.26 views

CVE-2019-25473 Clinic Pro SQL Injection via monthly_expense_overview month Parameter

Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST requests to the monthlyexpenseoverview endpoint with crafted month values using boolean-based blind,...

7.1CVSS0.00323EPSS
Exploits0References2
Rows per page
Query Builder