CVE-2019-25638

Name of the Vulnerable Software and Affected Versions Meeplace Business Review Script (affected versions not specified)

Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. This is achieved by sending GET requests to the 'addclick.php' endpoint with crafted SQL payloads in the id parameter to extract sensitive database information or cause denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.