CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/04/05 8:58 p.m.•0 views

CVE-2019-25675 eDirectory All Versions SQL Injection Authentication Bypass

eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection t...

8.8CVSS6AI score0.00529EPSS

Exploits1References3

Cvelist•added 2026/04/05 8:58 p.m.•18 views

CVE-2019-25675 eDirectory All Versions SQL Injection Authentication Bypass

8.8CVSS0.00529EPSS

Exploits1References3

CVE•added 2026/04/05 8:58 p.m.•6 views

CVE-2019-25675

CVE-2019-25675 concerns the eDirectory product, affecting all versions per title, with multiple SQL injection vulnerabilities. The root cause is unparameterized SQL in the login flow, allowing unauthenticated attackers to bypass administrator authentication by injecting SQL into the key parameter...

8.8CVSS6AI score0.00529EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/04/05 8:45 p.m.•20 views

CVE-2019-25704 Kados R10 GreenBee SQL Injection via filter_user_mail

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filterusermail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...

8.8CVSS0.00311EPSS

CVE•added 2026/04/05 8:45 p.m.•8 views

CVE-2019-25704

CVE-2019-25704 relates to Kados R10 GreenBee and a reported SQL injection vulnerability exposed through the filter_user_mail parameter. The vulnerability allows an attacker to inject SQL code into database queries via crafted requests, with the potential to extract sensitive data or modify data. ...

Cvelist•added 2026/04/05 8:45 p.m.•20 views

CVE-2019-25702 Kados R10 GreenBee SQL Injection via id_project Parameter

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the idproject parameter. Attackers can send crafted requests with malicious SQL statements in the idproject parameter to extract sensitive database...

8.8CVSS0.00311EPSS

Vulnrichment•added 2026/04/05 8:45 p.m.•1 views

CVE-2019-25700 Kados R10 GreenBee SQL Injection via sort_direction Parameter

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the sortdirection parameter. Attackers can submit malicious SQL statements in the sortdirection parameter to extract sensitive database information or modi...

ATTACKERKB•added 2026/04/05 8:45 p.m.•0 views

CVE-2019-25700

Cvelist•added 2026/04/05 8:45 p.m.•19 views

CVE-2019-25698 Kados R10 GreenBee SQL Injection via id_to_delete Parameter

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the idtodelete parameter. Attackers can send crafted requests with malicious SQL statements in the idtodelete field to extract or modify sensitive database...

8.8CVSS0.00311EPSS

ATTACKERKB•added 2026/04/05 8:45 p.m.•0 views

CVE-2019-25698

CVE•added 2026/04/05 8:45 p.m.•5 views

CVE-2019-25698

Kados R10 GreenBee has an SQL injection vulnerability in the id_to_delete parameter. Attackers can craft requests to manipulate SQL queries and potentially extract or modify sensitive data. The issue is documented across multiple feeds (NVD/CVE/CIRCL/etc.) with network-based access and high impac...

CVE•added 2026/04/05 8:45 p.m.•6 views

CVE-2019-25696

CVE-2019-25696 – Kados R10 GreenBee SQL injection : The affected product is Kados R10 GreenBee. The vulnerability arises from a flaw in the language_tag parameter that allows attackers to inject SQL and manipulate database queries. Potential impacts are high confidentiality and high integrity com...

Vulnrichment•added 2026/04/05 8:45 p.m.•1 views

CVE-2019-25694 Kados R10 GreenBee SQL Injection via user2reset

Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user2reset parameter. Attackers can send crafted requests with malicious SQL payloads to extract sensitive database information or modi...

8.8CVSS6AI score0.00398EPSS

ATTACKERKB•added 2026/04/05 8:45 p.m.•1 views

CVE-2019-25694

8.8CVSS6AI score0.00398EPSS

Cvelist•added 2026/04/05 8:45 p.m.•22 views

CVE-2019-25694 Kados R10 GreenBee SQL Injection via user2reset

8.8CVSS0.00398EPSS

ATTACKERKB•added 2026/04/05 8:45 p.m.•1 views

CVE-2019-25692

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'idtomodify' parameter. Attackers can send crafted requests with malicious SQL statements in the idtomodify field to extract sensitive database...

CVE•added 2026/04/05 8:45 p.m.•18 views

CVE-2019-25692

Kados R10 GreenBee is affected by an SQL injection in the id_to_modify parameter. The vulnerability allows attackers to manipulate queries to extract sensitive data or modify data. The issue is described across multiple sources (NVD, EUVD, CIRCL, CVE lists, and vendor advisories). No explicit rem...

ATTACKERKB•added 2026/04/05 8:45 p.m.•1 views

CVE-2019-25690

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the mngprofileid parameter. Attackers can send crafted requests with malicious SQL payloads in the mngprofileid parameter to extract sensitive database...

Vulnrichment•added 2026/04/05 8:45 p.m.•0 views

CVE-2019-25690 Kados R10 GreenBee SQL Injection via mng_profile_id