Security Advisory

CVE-2019-25486

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-11 18:23:23

Last updated 2026-04-07 14:04:38

Assigner VulnCheck

State PUBLISHED

Description

Varient 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user_id parameter. Attackers can submit POST requests with crafted SQL payloads in the user_id field to bypass authentication and extract sensitive database information.

← Browse all CVEs View on cve.org ↗