CVE-2019-25515 affects Jettweb PHP Hazir Haber Sitesi Scripti V3, containing an authentication bypass vulnerability in the login.php administration panel. Unauthenticated attackers can gain administrative access by submitting crafted SQL syntax using equals signs and 'or' operators as username and password parameters. This SQL injection vulnerability allows complete bypass of authentication controls without requiring valid credentials. The vulnerability provides immediate administrative access to the affected content management system. Exploit code is publicly available on Exploit-DB, increasing the risk of active exploitation.