Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.1 HIGH
CVE-2019-25529 — Placeto CMS Alpha rv.4 SQL Injection via page Parameter

Placeto CMS Alpha rv.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'page' parameter. Attackers can sen…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25528 — Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the property1 paramete…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25527 — Inout EasyRooms Ultimate Edition v1.0 SQL Injection via searchdetailed

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the numguest parameter…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25526 — Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the location parameter…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25525 — Inout EasyRooms Ultimate Edition v1.0 SQL Injection via search

Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the guests parameter. …

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25524 — XooGallery Lastest Latest SQL Injection via results.php

XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET …

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25523 — XooGallery Lastest Latest SQL Injection via cat.php

XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send G…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25522 — XooGallery Lastest Latest Multiple SQL Injections via photo.php

XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through the photo_id parameter. Attackers c…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25521 — XooGallery Lastest Latest SQL Injection via gal.php gal_id

XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gal_id parameter. Attackers can send G…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25520 — Jettweb PHP Hazir Haber Sitesi Scripti V1 Authentication Bypass

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25519 — Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. At…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25518 — Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via arama.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25517 — Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via haberarsiv.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter.…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25516 — Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via gallery.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gallery_id par…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.7 HIGH
CVE-2019-25515 — Jettweb PHP Hazir Haber Sitesi Scripti V3 Authentication Bypass

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by …

Remote | Authentication
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25514 — Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can m…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25513 — Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection via datagetir.php

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter.…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25512 — Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can m…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25511 — Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parame…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25510 — Jettweb PHP Hazir Haber Sitesi Scripti V2 Authentication Bypass

Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting…

Remote | Authentication
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
Showing 20 of 5429 Results