Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.8 HIGH
CVE-2019-25522 — XooGallery Lastest Latest Multiple SQL Injections via photo.php

XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through the photo_id parameter. Attackers c…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25521 — XooGallery Lastest Latest SQL Injection via gal.php gal_id

XooGallery Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gal_id parameter. Attackers can send G…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25520 — Jettweb PHP Hazir Haber Sitesi Scripti V1 Authentication Bypass

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25519 — Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the option parameter. At…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25518 — Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via arama.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the poll parameter…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25517 — Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via haberarsiv.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter.…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25516 — Jettweb PHP Hazir Haber Sitesi Scripti V1 SQL Injection via gallery.php

Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the gallery_id par…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.7 HIGH
CVE-2019-25515 — Jettweb PHP Hazir Haber Sitesi Scripti V3 Authentication Bypass

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by …

Remote | Authentication
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25514 — Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can m…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25513 — Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection via datagetir.php

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter.…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25512 — Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows attackers to inject malicious SQL commands through the kelime parameter in POST requests. Attackers can m…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25511 — Jettweb PHP Hazir Haber Sitesi Scripti V3 SQL Injection

Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the videoid parame…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25510 — Jettweb PHP Hazir Haber Sitesi Scripti V2 Authentication Bypass

Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting…

Remote | Authentication
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25509 — XooDigital Lastest Latest SQL Injection via results.php

XooDigital Latest contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'p' parameter. Attackers can send GET …

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25508 — Jettweb Php Hazir Ilan Sitesi Scripti V2 SQL Injection via katgetir.php

Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'kat' parameter…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25488 — Jettweb Hazir Rent A Car Scripti V4 SQL Injection via admin

Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate database queries through GET parameters. Atta…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25482 — Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 SQL Injection

Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the arac_kate…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25481 — iScripts ReserveLogic Lastest SQL Injection via search endpoint

iScripts ReserveLogic contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jqSearchDestination parameter. Att…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
8.8 HIGH
CVE-2019-25479 — Inout RealEstate Lastest SQL Injection via agentlistdetails

Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. Attackers can send POST…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
7.1 HIGH
CVE-2019-25473 — Clinic Pro SQL Injection via monthly_expense_overview month Parameter

Clinic Pro contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the month parameter. Attackers can send POST request…

Remote | Injection
Mar 12, 2026 Mar 12, 2026
Mar 12, 2026
Mar 12, 2026
Showing 20 of 5460 Results