VYPR

Hazir Haber Sitesi Scripti

by Jettweb

CVEs (12)

  • CVE-2019-25520Mar 12, 2026
    risk 0.00cvss epss 0.00

    Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in…

  • CVE-2019-25519Mar 12, 2026
    risk 0.00cvss epss 0.00

    Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. Attackers can send POST requests to uyelik.php with crafted payloads in the option…

  • CVE-2019-25518Mar 12, 2026
    risk 0.00cvss epss 0.00

    Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter. Attackers can send POST requests to arama.php with malicious SQL payloads in…

  • CVE-2019-25517Mar 12, 2026
    risk 0.00cvss epss 0.00

    Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send requests to haberarsiv.php with malicious cid values using…

  • CVE-2019-25516Mar 12, 2026
    risk 0.00cvss epss 0.00

    Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gallery_id parameter. Attackers can send GET requests to gallery.php with malicious gallery_id…

  • CVE-2019-25515Mar 12, 2026
    risk 0.00cvss epss 0.01

    Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting…

  • CVE-2019-25514Mar 12, 2026
    risk 0.00cvss epss 0.01

    Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to…

  • CVE-2019-25513Mar 12, 2026
    risk 0.00cvss epss 0.01

    Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send GET requests to datagetir.php with malicious 'q' values…

  • CVE-2019-25512Mar 12, 2026
    risk 0.00cvss epss 0.00

    Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can manipulate the kelime parameter with UNION-based SQL injection payloads to…

  • CVE-2019-25511Mar 12, 2026
    risk 0.00cvss epss 0.00

    Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parameter. Attackers can send GET requests to fonksiyonlar.php with malicious videoid…

  • CVE-2019-25510Mar 12, 2026
    risk 0.00cvss epss 0.01

    Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in…

  • CVE-2019-25508Mar 12, 2026
    risk 0.00cvss epss 0.00

    Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter. Attackers can send GET requests to the katgetir.php endpoint with malicious…