CVEDB API

Vulnerabilities

Vulnerable Software

Jettweb: >> Php Stock News Site Script >> 3 Security Vulnerabilities

CVE-2019-25515

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and 'or' operators as username and password parameters to access the administration panel without valid credentials.

CVSS Score

7.5

EPSS Score

0.005

Published

2026-03-12

CVE-2019-25511

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid values using UNION-based injection to extract sensitive database information.

CVSS Score

8.2

EPSS Score

0.001

Published

2026-03-12

CVE-2019-25512

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to extract sensitive database information or modify database contents.

CVSS Score

8.2

EPSS Score

0.0

Published

2026-03-12

CVE-2019-25513

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values using time-based blind SQL injection techniques to extract sensitive database information or bypass authentication.

CVSS Score

8.2

EPSS Score

0.002

Published

2026-03-12

CVE-2019-25514

CVSS Score

8.2

EPSS Score

0.001

Published

2026-03-12

Page 1

Vulnerabilities

Vulnerable Software

Jettweb: >> Php Stock News Site Script >> 3 Security Vulnerabilities

Products

Pricing

Contact Us