High severity8.2NVD Advisory· Published Mar 21, 2026· Updated Apr 15, 2026
CVE-2019-25576
CVE-2019-25576
Description
Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to extract database information including usernames, database names, and MySQL version details.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:keplerwallpapers:kepler_wallpaper_script:1.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:keplerwallpapers:kepler_wallpaper_script:1.1:*:*:*:*:*:*:*
- (no CPE)range: =1.1
Patches
Vulnerability mechanics
References
4- www.exploit-db.com/exploits/46207nvdExploitVDB Entry
- www.vulncheck.com/advisories/kepler-wallpaper-script-sql-injection-via-categorynvdThird Party Advisory
- codeclerks.com/PHP/1559/Kepler-Wallpaper-ScriptnvdProduct
- keplerwallpapers.onlinenvdBroken Link
News mentions
0No linked articles in our index yet.