CVE-2019-25510

EIP tracks 1 public exploit for CVE-2019-25510. PoCs published by Ahmet Ümit BAYRAM.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in Jettweb PHP Hazır Haber Sitesi Scripti V2 by using SQL injection-like syntax in the login form. The PoC provides specific credentials to bypass authentication and gain access to the administration panel.

Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vulnerability in the administration panel that allows unauthenticated attackers to gain administrative access by exploiting improper SQL query validation. Attackers can submit SQL injection payloads in the username and password fields of the admingiris.php login form to bypass authentication and access the administrative interface.