Home / Vulnerability Intelligence / CVE-2019-25482

CVE-2019-25482 - Vulnerability Analysis

HighCVSS: 8.2

Last Updated: March 12, 2026

Jettweb PHP Hazir Rent A Car Sitesi Scripti - SQL Injection

Published: March 12, 2026Updated: March 12, 2026Remote Exploitable

Overview

Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an sql injection caused by unsanitized input in the arac_kategori_id parameter, letting unauthenticated attackers extract sensitive database information via crafted POST requests.

Severity & Score

Severity: High

CVSS Score: 8.2

EPSS Score: 6.6%(Probability of exploitation in next 30 days)

Impact

Unauthenticated attackers can extract sensitive database information, leading to data disclosure and potential further compromise.

Mitigation

Update to the latest version that patches the SQL injection vulnerability.

References

Social Media Activity(1 post)

Yazoul - Cybersecurity Alerts

@Matchbook3469

Mar 13, 2026

⚠️ New security advisory: CVE-2019-25482 affects multiple systems. • Impact: Significant security breach potential • Risk: Unauthorized access or data exposure • Mitigation: Apply patches within 24-48 hours Full breakdown: https://www.yazoul.net/advisory/cve/cve-2019-25482-jettweb-php-hazir-rent-a-car-script-sql-injection #Cybersecurity #ZeroDay #ThreatIntel

View original post

Related Resources

Details

CVE ID: CVE-2019-25482
Severity: High
CVSS Score: 8.2
Type: sql_injection
Status: unconfirmed
EPSS: 6.6%
Social Posts: 1

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

EPSS Score

6.6%Probability of exploitation in the next 30 days