Sign in Subscribe

← All vendors

Vendor

Myt Project

Products

1

CVEs

1

Across products

1

Status

Private

Products

1

Myt
1 CVE

Recent CVEs

1

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2019-25713	Hig	0.46	7.1	0.00		Apr 12, 2026	MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Charge[group_total] parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind, or stacked query payloads to extract sensitive database information or manipulate data.

CVE-2019-25713HigApr 12, 2026
risk 0.46cvss 7.1epss 0.00
MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the Charge[group_total] parameter. Attackers can submit crafted POST requests to the /charge/admin endpoint with error-based, time-based blind, or stacked query payloads to extract sensitive database information or manipulate data.