Konradpl99

konradpl99

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

202cms

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-25539 1Konradpl99 1202cms Mar 16, 2026 Mar 12, 2026 8.8 HIGH· v4 8.2 HIGH· v3 N/A· v2 202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log_user parameter. Attackers can send POST requests to...Show more 202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log_user parameter. Attackers can send POST requests to index.php with crafted SQL payloads using time-based blind injection techniques to extract sensitive database information.Show less
CVE-2019-25538 1Konradpl99 1202cms Mar 16, 2026 Mar 12, 2026 8.8 HIGH· v4 8.2 HIGH· v3 N/A· v2 202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log_user parameter. Attackers can send crafted requests with...Show more 202CMS v10 beta contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log_user parameter. Attackers can send crafted requests with malicious SQL statements in the log_user field to extract sensitive database information or modify database contents.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2019-25539

1Konradpl99

1202cms

Mar 16, 2026

Mar 12, 2026

8.8 HIGH· v4

8.2 HIGH· v3

N/A· v2

202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log_user parameter. Attackers can send POST requests to index.php with crafted SQL payloads using time-based blind injection techniques to extract sensitive database information.Show less

CVE-2019-25538