Lucene search
K

216733 matches found

Cvelist
Cvelist
added 2026/03/12 3:36 p.m.21 views

CVE-2019-25509 XooDigital Lastest Latest SQL Injection via results.php

XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET requests to results.php with malicious 'p' values to extract sensitive database information...

8.8CVSS0.00306EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.1 views

CVE-2019-25508 Jettweb Php Hazir Ilan Sitesi Scripti V2 SQL Injection via katgetir.php

Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter. Attackers can send GET requests to the katgetir.php endpoint with malicious 'kat' values to...

8.8CVSS5.9AI score0.0036EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25508

Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter. Attackers can send GET requests to the katgetir.php endpoint with malicious 'kat' values to...

8.8CVSS5.9AI score0.0036EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.26 views

CVE-2019-25508 Jettweb Php Hazir Ilan Sitesi Scripti V2 SQL Injection via katgetir.php

Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter. Attackers can send GET requests to the katgetir.php endpoint with malicious 'kat' values to...

8.8CVSS0.0036EPSS
Exploits1References2
CVE
CVE
added 2026/03/12 3:36 p.m.27 views

CVE-2019-25508

CVE-2019-25508 describes an SQL injection in the Jettweb Php Hazir Ilan Sitesi Scripti V2. The vulnerability arises from unsafely handling the GET parameter “kat” in the /katgetir.php endpoint, allowing unauthenticated attackers to manipulate queries and potentially exfiltrate database informatio...

8.8CVSS5.9AI score0.0036EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.1 views

CVE-2019-25488 Jettweb Hazir Rent A Car Scripti V4 SQL Injection via admin

Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into the 'tur', 'id', and 'ozellikdil' parameters of the admin/index.php...

8.8CVSS6AI score0.00411EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.7 views

CVE-2019-25488

Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into the 'tur', 'id', and 'ozellikdil' parameters of the admin/index.php...

8.8CVSS5.9AI score0.00411EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.27 views

CVE-2019-25488 Jettweb Hazir Rent A Car Scripti V4 SQL Injection via admin

Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into the 'tur', 'id', and 'ozellikdil' parameters of the admin/index.php...

8.8CVSS0.00411EPSS
Exploits1References2
CVE
CVE
added 2026/03/12 3:36 p.m.7 views

CVE-2019-25488

CVE-2019-25488 relates to Jettweb Hazir Rent A Car Scripti V4, where the admin panel is vulnerable to multiple SQL injection flaws. The weaknesses allow unauthenticated attackers to manipulate database queries via GET parameters in admin/index.php, specifically the tur , id , and ozellikdil input...

9.8CVSS5.9AI score0.00411EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.27 views

CVE-2019-25482 Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 SQL Injection

Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arackategoriid parameter. Attackers can send POST requests to the endpoint with malicious SQL payloads to...

8.8CVSS0.00367EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.3 views

CVE-2019-25482 Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 SQL Injection

Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arackategoriid parameter. Attackers can send POST requests to the endpoint with malicious SQL payloads to...

8.8CVSS6AI score0.00367EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.7 views

CVE-2019-25482

Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arackategoriid parameter. Attackers can send POST requests to the endpoint with malicious SQL payloads to...

8.8CVSS5.9AI score0.00367EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.1 views

CVE-2019-25481

iScripts ReserveLogic contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jqSearchDestination parameter. Attackers can send POST requests to the search endpoint with crafted SQL payloads to extract sensitiv...

8.8CVSS5.9AI score0.00318EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.1 views

CVE-2019-25479 Inout RealEstate Lastest SQL Injection via agentlistdetails

Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. Attackers can send POST requests to the agents/agentlistdetails endpoint with malicious SQL payloads in the city paramete...

8.8CVSS6AI score0.00377EPSS
Exploits0References2
CVE
CVE
added 2026/03/12 3:36 p.m.7 views

CVE-2019-25481

CVE-2019-25481 affects iScripts ReserveLogic. An SQL injection vulnerability exists in the jqSearchDestination parameter, allowing unauthenticated attackers to manipulate database queries by sending crafted POST requests to the search endpoint and potentially exfiltrate sensitive data. The issue ...

8.8CVSS5.9AI score0.00318EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.25 views

CVE-2019-25481 iScripts ReserveLogic Lastest SQL Injection via search endpoint

iScripts ReserveLogic contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jqSearchDestination parameter. Attackers can send POST requests to the search endpoint with crafted SQL payloads to extract sensitiv...

8.8CVSS0.00318EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/12 3:36 p.m.2 views

CVE-2019-25479

Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. Attackers can send POST requests to the agents/agentlistdetails endpoint with malicious SQL payloads in the city paramete...

8.8CVSS5.9AI score0.00377EPSS
Exploits0References2
CVE
CVE
added 2026/03/12 3:36 p.m.11 views

CVE-2019-25479

Inout RealEstate contains an SQL injection vulnerability exploitable by unauthenticated attackers via the city parameter in a POST to agents/agentlistdetails. The issue allows manipulation of database queries and extraction of sensitive data, with the vulnerability assessed as high (CVSS 3.1: 8.2...

8.8CVSS5.9AI score0.00377EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/12 3:36 p.m.24 views

CVE-2019-25479 Inout RealEstate Lastest SQL Injection via agentlistdetails

Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. Attackers can send POST requests to the agents/agentlistdetails endpoint with malicious SQL payloads in the city paramete...

8.8CVSS0.00377EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/12 3:36 p.m.3 views

CVE-2019-25473 Clinic Pro SQL Injection via monthly_expense_overview month Parameter

Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST requests to the monthlyexpenseoverview endpoint with crafted month values using boolean-based blind,...

7.1CVSS6AI score0.00323EPSS
Exploits0References2
Rows per page
Query Builder