Lucene search
K

216734 matches found

Cvelist
Cvelist
added 2026/03/12 3:36 p.m.23 views

CVE-2019-25517 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via haberarsiv.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send requests to haberarsiv.php with malicious cid values using UNION-based injecti...

8.8CVSS0.00451EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.1 views

CVE-2019-25516

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...

8.8CVSS5.9AI score0.00439EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.26 views

CVE-2019-25516 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via gallery.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...

8.8CVSS0.00439EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25516 Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via gallery.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the galleryid parameter. Attackers can send GET requests to gallery.php with malicious galleryid values using...

8.8CVSS5.9AI score0.00439EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.26 views

CVE-2019-25515 Jettweb PHP Hazir Haber Sitesi Scripti V3 Authentication Bypass

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...

8.7CVSS0.01089EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25514 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive data...

8.8CVSS5.9AI score0.00512EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.0 views

CVE-2019-25514

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive data...

8.8CVSS5.9AI score0.00512EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/12 3:36 p.m.34 views

CVE-2019-25514

CVE-2019-25514 concerns the Jettweb PHP Hazir Haber Sitesi Scripti V3, which contains an SQL injection vulnerability exposed via the POST parameter kelime . The connected ENISA/EUVD entry confirms that attackers can inject SQL payloads through the kelime parameter (e.g., UNION-based injections) t...

9.8CVSS5.9AI score0.00512EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.4 views

CVE-2019-25513 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection via datagetir.php

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

8.8CVSS5.9AI score0.00564EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.4 views

CVE-2019-25513

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

8.8CVSS5.9AI score0.00564EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/12 3:36 p.m.11 views

CVE-2019-25513

The CVE-2019-25513 entry affects Jettweb PHP Hazir Haber Sitesi Scripti V3. An SQL injection flaw exists in the datagetir.php interface via the q parameter, allowing unauthenticated attackers to manipulate database queries using time-based blind techniques to extract data or bypass authentication...

9.8CVSS5.9AI score0.00564EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.28 views

CVE-2019-25513 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection via datagetir.php

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind...

8.8CVSS0.00564EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.25 views

CVE-2019-25512 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive databa...

8.8CVSS0.00331EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.0 views

CVE-2019-25512

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive databa...

8.8CVSS5.9AI score0.00331EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.0 views

CVE-2019-25512 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive databa...

8.8CVSS5.9AI score0.00331EPSS
Exploits1References2
CVE
CVE
added 2026/03/12 3:36 p.m.8 views

CVE-2019-25511

CVE-2019-25511 describes an SQL injection in the Jettweb PHP Hazir Haber Sitesi Scripti V3. An unauthenticated attacker can manipulate queries by supplying malicious values to the videoid parameter in GET requests to fonksiyonlar.php, using UNION-based injection to exfiltrate data. The CVSS metri...

8.8CVSS5.9AI score0.00369EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.1 views

CVE-2019-25511

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...

8.8CVSS5.9AI score0.00369EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.0 views

CVE-2019-25511 Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using...

8.8CVSS5.9AI score0.00369EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.1 views

CVE-2019-25509 XooDigital Lastest Latest SQL Injection via results.php

XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information...

8.8CVSS5.9AI score0.00306EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.1 views

CVE-2019-25510

Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and...

8.8CVSS5.8AI score0.00538EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder