Perceptive Security
SOC/SIEM Consultancy
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by inject…
Published:
11 maart 2026 om 23:00:00
Alert date:
12 maart 2026 om 17:15:30
Source:
nvd.nist.gov
Web Technologies, Database & Storage
CVE-2019-25511 affects Jettweb PHP Hazir Haber Sitesi Scripti V3, containing an SQL injection vulnerability in the videoid parameter. Unauthenticated attackers can manipulate database queries by sending malicious GET requests to fonksiyonlar.php. The vulnerability enables UNION-based injection attacks to extract sensitive database information. Attackers can exploit this flaw without authentication, making it a significant security risk. The vulnerability allows complete database compromise through SQL injection techniques.
Technical details
Mitigation steps:
Affected products:
Jettweb PHP Hazir Haber Sitesi Scripti
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2019-25511
https://www.exploit-db.com/exploits/46599
https://www.vulncheck.com/advisories/jettweb-php-hazir-haber-sitesi-scripti-v3-sql-injection
Related CVE's:
Related threat actors:
IOC's:
This article was created with the assistance of AI technology by Perceptive.