CyberSec.Space Logo
Back to CVE Browser

CVE-2019-25498

HIGH
8.2
CVSS Severity Score
EPSS Score0.0520%
EPSS Percentile40.04th
PublishedMar 4, 2026
Last ModifiedMar 6, 2026

Vulnerability Description

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landing_location parameter. Attackers can send POST requests to the searched endpoint with malicious SQL payloads to bypass authentication and extract sensitive database information.

Affected Platforms (CPE)

📦
Simplejobscript

Simplejobscript

<= 1.66

References & Advisories

🔗 https://www.exploit-db.com/exploits/46612
🔗 https://www.vulncheck.com/advisories/simple-job-script-sql-injection-via-searched-endpoint

Related Vulnerabilities

CVE-2019-420210.0

IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to command injection. An attacker with a specially crafted requ...

CVE-2019-760910.0

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with acce...

CVE-2019-390510.0

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

CVE-2019-954810.0

Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control.