Home / Vulnerability Intelligence / CVE-2019-25518

CVE-2019-25518 - Vulnerability Analysis

HighCVSS: 8.2

Last Updated: March 12, 2026

Jettweb PHP Hazir Haber Sitesi Scripti - SQL Injection

Published: March 12, 2026Updated: March 12, 2026Remote Exploitable

Overview

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an sql injection caused by unsanitized input in the poll parameter in arama.php, letting unauthenticated attackers manipulate database queries and extract or modify data.

Severity & Score

Severity: High

CVSS Score: 8.2

Impact

Unauthenticated attackers can extract sensitive data or modify database contents, potentially compromising the entire database.

Mitigation

Update to the latest version of Jettweb PHP Hazir Haber Sitesi Scripti.

References

https://www.exploit-db.com/exploits/46597
https://www.vulncheck.com/advisories/jettweb-php-hazir-haber-sitesi-scripti-v1-sql-injection-via-arama-php

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2019-25518
Severity: High
CVSS Score: 8.2
Type: sql_injection
Status: unconfirmed

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N