CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/03/12 6:30 p.m.•1 views

EUVD-2019-19796

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in the poll parameter ...

8.8CVSS5.9AI score0.0036EPSS

EUVD•added 2026/03/12 6:30 p.m.•3 views

EUVD-2019-19786

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

8.8CVSS5.9AI score0.00564EPSS

EUVD•added 2026/03/12 6:30 p.m.•3 views

EUVD-2019-19776

Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter. Attackers can send GET requests to the katgetir.php endpoint with malicious 'kat' values to...

8.8CVSS5.9AI score0.0036EPSS

NVD•added 2026/03/12 4:16 p.m.•3 views

CVE-2019-25518

8.8CVSS0.0036EPSS

NVD•added 2026/03/12 4:16 p.m.•3 views

CVE-2019-25519

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. Attackers can send POST requests to uyelik.php with crafted payloads in the option parameter to...

8.8CVSS0.00265EPSS

NVD•added 2026/03/12 4:16 p.m.•5 views

CVE-2019-25515

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...

9.8CVSS0.01089EPSS

NVD•added 2026/03/12 4:16 p.m.•4 views

CVE-2019-25510

Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and...

9.8CVSS0.00538EPSS

NVD•added 2026/03/12 4:16 p.m.•5 views

CVE-2019-25512

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive databa...

8.8CVSS0.00331EPSS

Cvelist•added 2026/03/12 3:36 p.m.•24 views

CVE-2019-25520 Jettweb PHP Hazir Haber Sitesi Scripti V1 Authentication Bypass

8.8CVSS0.00432EPSS

ATTACKERKB•added 2026/03/12 3:36 p.m.•3 views

CVE-2019-25520

8.8CVSS5.8AI score0.00432EPSS

Cvelist•added 2026/03/12 3:36 p.m.•22 views

CVE-2019-25519 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection

8.8CVSS0.00265EPSS

ATTACKERKB•added 2026/03/12 3:36 p.m.•2 views

CVE-2019-25519

8.8CVSS6AI score0.00265EPSS

CVE•added 2026/03/12 3:36 p.m.•6 views

CVE-2019-25519

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability in the option parameter of uyelik.php, enabling time-based injections to extract sensitive data via crafted POST requests. Attacker access is described without authentication; CVSS notes high impact on confidentiali...

8.8CVSS6AI score0.00265EPSS

Cvelist•added 2026/03/12 3:36 p.m.•22 views

CVE-2019-25518 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via arama.php

8.8CVSS0.0036EPSS

Cvelist•added 2026/03/12 3:36 p.m.•22 views

CVE-2019-25517 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via haberarsiv.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send requests to haberarsiv.php with malicious cid values using UNION-based injecti...

8.8CVSS0.00451EPSS

Vulnrichment•added 2026/03/12 3:36 p.m.•0 views

CVE-2019-25518 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via arama.php

8.8CVSS5.9AI score0.0036EPSS

Cvelist•added 2026/03/12 3:36 p.m.•26 views

CVE-2019-25516 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via gallery.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...

8.8CVSS0.00439EPSS

Cvelist•added 2026/03/12 3:36 p.m.•23 views

CVE-2019-25514 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

8.8CVSS0.00512EPSS

CVE•added 2026/03/12 3:36 p.m.•28 views

CVE-2019-25514

CVE-2019-25514 concerns the Jettweb PHP Hazir Haber Sitesi Scripti V3, which contains an SQL injection vulnerability exposed via the POST parameter kelime . The connected ENISA/EUVD entry confirms that attackers can inject SQL payloads through the kelime parameter (e.g., UNION-based injections) t...

9.8CVSS5.9AI score0.00512EPSS