Unrated severityNVD Advisory· Published Jan 8, 2023· Updated Aug 5, 2024

happyman twmap pointdata2.php sql injection

CVE-2019-25100

Description

A vulnerability was found in happyman twmap. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file twmap3/data/ajaxCRUD/pointdata2.php. The manipulation of the argument id leads to sql injection. Upgrading to version v2.9_v4.31 is able to address this issue. The identifier of the patch is babbec79b3fa4efb3bd581ea68af0528d11bba0c. It is recommended to upgrade the affected component. The identifier VDB-217645 was assigned to this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Happycgi/Happymallllm-fuzzy
Range: < v2.9_v4.31
happyman/twmapv5
Range: n/a

Patches

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/happyman/twmap/commit/babbec79b3fa4efb3bd581ea68af0528d11bba0cmitrepatch
github.com/happyman/twmap/releases/tag/v2.9_v4.31mitrepatch
github.com/happyman/twmap/issues/42mitreissue-tracking
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000