Home / Vulnerability Intelligence / CVE-2019-25514

CVE-2019-25514 - Vulnerability Analysis

HighCVSS: 8.2

Last Updated: March 12, 2026

Jettweb PHP Hazir Haber Sitesi Scripti - SQL Injection

Published: March 12, 2026Updated: March 12, 2026Remote Exploitable

Overview

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an sql injection caused by unsanitized kelime parameter in POST requests, letting attackers extract sensitive data or bypass authentication via UNION-based payloads.

Severity & Score

Severity: High

CVSS Score: 8.2

Impact

Attackers can extract sensitive data or bypass authentication controls, compromising database confidentiality and integrity.

Mitigation

Update to the latest version with SQL injection protections or apply appropriate input sanitization and parameterized queries.

References

https://www.exploit-db.com/exploits/46599
https://www.vulncheck.com/advisories/jettweb-php-hazir-haber-sitesi-scripti-v3-sql-injection-3

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2019-25514
Severity: High
CVSS Score: 8.2
Type: sql_injection
Status: unconfirmed

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N