Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecti…

CVE-2019-25508 affects Jettweb Php Hazir Ilan Sitesi Scripti V2, containing an SQL injection vulnerability in the katgetir.php endpoint. Unauthenticated attackers can exploit this vulnerability by manipulating the 'kat' parameter through GET requests. The vulnerability allows attackers to inject malicious SQL code into database queries. Successful exploitation enables extraction of sensitive database information. The vulnerability requires no authentication, making it easily exploitable by remote attackers.