CVE-2019-25498
EUVD-2019-1972404.03.2026, 18:16
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landing_location parameter. Attackers can send POST requests to the searched endpoint with malicious SQL payloads to bypass authentication and extract sensitive database information.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| simplejobscript | simplejobscript | 𝑥 ≤ 1.66 |
𝑥
= Vulnerable software versions