Unrated severityNVD Advisory· Published Mar 12, 2026· Updated Mar 14, 2026
Jettweb Hazir Rent A Car Scripti V4 SQL Injection via admin
CVE-2019-25488
Description
Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into the 'tur', 'id', and 'ozellikdil' parameters of the admin/index.php endpoint to extract sensitive database information or cause denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= V4+ 1 more
- (no CPE)range: = V4
- (no CPE)range: 4.0
Patches
Vulnerability mechanics
References
2- www.exploit-db.com/exploits/46614mitreexploit
- www.vulncheck.com/advisories/jettweb-hazir-rent-a-car-scripti-v4-sql-injection-via-adminmitrethird-party-advisory
News mentions
0No linked articles in our index yet.