CVE-2019-25510

Name of the Vulnerable Software and Affected Versions Jettweb PHP Hazir Haber Sitesi Scripti V2 (affected versions not specified)

Description The software contains an authentication bypass issue in the administration panel. Unauthenticated attackers can gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and password fields of the ''admingiris.php'' login form to bypass authentication and access the administrative interface.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.