CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

RedhatCVE•added 2026/02/23 7:25 p.m.•4 views

CVE-2019-25462

Web Ofisi Rent a Car v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'klima' parameter. Attackers can send GET requests to with malicious 'klima' values to extract sensitive database information or...

8.8CVSS5.7AI score0.00262EPSS

Exploits0References1

RedhatCVE•added 2026/02/23 7:25 p.m.•6 views

CVE-2019-25460

Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' GET parameter. Attackers can send requests to the arama endpoint with malicious 'q' values using time-based SQL...

8.8CVSS5.7AI score0.00363EPSS

Exploits1References1

RedhatCVE•added 2026/02/23 7:25 p.m.•5 views

CVE-2019-25459

Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into parameters like emlakdurumu, emlaktipi, il, ilce, kelime, and semt to extract sensitive...

9.8CVSS5.7AI score0.00433EPSS

Exploits1References1

RedhatCVE•added 2026/02/23 7:25 p.m.•5 views

CVE-2019-25455

Web Ofisi E-Ticaret v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'a' parameter. Attackers can send GET requests to with malicious 'a' parameter values to extract sensitive database information...

8.8CVSS5.7AI score0.00397EPSS

Exploits1References1

RedhatCVE•added 2026/02/23 7:25 p.m.•4 views

CVE-2019-25461

Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send POST requests to the ajax/productsFilterSearch endpoint with malicious 'q' values using...

8.8CVSS5.7AI score0.0037EPSS

Exploits1References1

RedhatCVE•added 2026/02/23 7:25 p.m.•6 views

CVE-2019-25456

Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...

9.1CVSS5.7AI score0.00464EPSS

Exploits1References1

RedhatCVE•added 2026/02/23 7:25 p.m.•4 views

CVE-2019-25457

Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz' values using time-based blind SQL injectio...

8.8CVSS5.7AI score0.00405EPSS

Exploits1References1

RedhatCVE•added 2026/02/23 7:25 p.m.•5 views

CVE-2019-25458

Web Ofisi Firma Rehberi v1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can send requests to with malicious payloads in the 'il', 'kat', or 'kelime' parameters to extract...

9.8CVSS5.7AI score0.00479EPSS

Exploits1References1

NVD•added 2026/02/22 3:16 p.m.•4 views

CVE-2019-25461

Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send POST requests to the ajax/productsFilterSearch endpoint with malicious 'q' values using...

8.8CVSS0.0037EPSS

Exploits1References3

OSV•added 2026/02/22 3:16 p.m.•1 views

CVE-2019-25460

7.5CVSS5.9AI score0.00363EPSS

Exploits1References3

OSV•added 2026/02/22 3:16 p.m.•3 views

CVE-2019-25456

9.1CVSS5.9AI score

Exploits0References3

OSV•added 2026/02/22 3:16 p.m.•4 views

CVE-2019-25459

9.8CVSS5.9AI score0.00433EPSS

Exploits1References3

NVD•added 2026/02/22 3:16 p.m.•8 views

CVE-2019-25457

8.8CVSS0.00405EPSS

Exploits1References3

NVD•added 2026/02/22 3:16 p.m.•5 views

CVE-2019-25456

9.1CVSS0.00464EPSS

Exploits1References3

OSV•added 2026/02/22 3:16 p.m.•3 views

CVE-2019-25457

7.5CVSS5.9AI score

Exploits0References3

NVD•added 2026/02/22 3:16 p.m.•7 views

CVE-2019-25458

9.8CVSS0.00479EPSS

Exploits1References3

NVD•added 2026/02/22 3:16 p.m.•6 views

CVE-2019-25459

9.8CVSS0.00433EPSS

Exploits1References3

OSV•added 2026/02/22 3:16 p.m.•0 views

CVE-2019-25455

7.5CVSS5.9AI score0.00397EPSS

Exploits1References3

ATTACKERKB•added 2026/02/22 2:12 p.m.•2 views

CVE-2019-25461

Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send POST requests to the ajax/productsFilterSearch endpoint with malicious 'q' values using...

8.8CVSS6AI score0.0037EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/02/22 2:12 p.m.•4 views

CVE-2019-25461 Web Ofisi Platinum E-Ticaret v5 SQL Injection via ajax/productsFilterSearch

Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send POST requests to the ajax/productsFilterSearch endpoint with malicious 'q' values using...

8.8CVSS5.7AI score0.0037EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by