CVE-2019-25697 | VictorAlagwu CMSsite 1.0 GET Request category.php cat_id sql injection (Exploit 46259 / EDB-46259)

Inserito da Angelo Barbosa | Apr 12, 2026 | CVE

A vulnerability identified as critical has been detected in VictorAlagwu CMSsite 1.0. This issue affects some unknown processing of the file category.php of the component GET Request Handler. Performing a manipulation of the argument cat_id results in sql injection.

This vulnerability is cataloged as CVE-2019-25697. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2019-25697 | VictorAlagwu CMSsite 1.0 GET Request category.php cat_id sql injection (Exploit 46259 / EDB-46259)

Post correlati

CVE-2023-34436 | GTKWave 3.3.115 LXT2 num_time_table_entries out-of-bounds write (TALOS-2023-1819)

CVE-2023-36520 | MarketingFire Editorial Calendar Plugin up to 3.7.12 on WordPress authorization

CVE-2023-5958 | POST SMTP Mailer Plugin up to 2.7.0 on WordPress Email Message Content cross site scripting

CVE-2020-37013 | Tucows Audio Playback Recorder 3.2.2 eject/registration stack-based overflow (Exploit 48796)