CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-25498

HIGH
8.2
CVSS Severity Score
EPSS Score0.0520%
EPSS Percentile40.04th
Published2026年3月4日
Last Modified2026年3月6日

Vulnerability Description

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landing_location parameter. Attackers can send POST requests to the searched endpoint with malicious SQL payloads to bypass authentication and extract sensitive database information.

Affected Platforms (CPE)

📦
Simplejobscript

Simplejobscript

<= 1.66

References & Advisories

🔗 https://www.exploit-db.com/exploits/46612
🔗 https://www.vulncheck.com/advisories/simple-job-script-sql-injection-via-searched-endpoint

相关漏洞威胁

CVE-2019-002010.0

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full contr...

CVE-2019-002210.0

Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full contro...

CVE-2019-390510.0

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

CVE-2019-760910.0

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with acce...