Security Advisory

CVE-2019-25539

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-12 15:37:09

Last updated 2026-03-12 16:19:47

Assigner VulnCheck

State PUBLISHED

Description

202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the log_user parameter. Attackers can send POST requests to index.php with crafted SQL payloads using time-based blind injection techniques to extract sensitive database information.

← Browse all CVEs View on cve.org ↗