Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabilities in the admin panel that allow unauthenticated attackers to manipulate databa…

CVE-2019-25488 affects Jettweb Hazir Rent A Car Scripti V4, containing multiple SQL injection vulnerabilities in the admin panel. Unauthenticated attackers can manipulate database queries through GET parameters including 'tur', 'id', and 'ozellikdil' in the admin/index.php endpoint. The vulnerabilities allow extraction of sensitive database information and potential denial of service attacks. Multiple security advisories and exploit code are publicly available for this vulnerability.