CVE-2019-25100

Source
https://nvd.nist.gov/vuln/detail/CVE-2019-25100
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-25100.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-25100
Published
2023-01-08T11:15:10Z
Modified
2025-01-08T10:25:11.965356Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was found in happyman twmap. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file twmap3/data/ajaxCRUD/pointdata2.php. The manipulation of the argument id leads to sql injection. Upgrading to version v2.9_v4.31 is able to address this issue. The identifier of the patch is babbec79b3fa4efb3bd581ea68af0528d11bba0c. It is recommended to upgrade the affected component. The identifier VDB-217645 was assigned to this vulnerability.

References

Affected packages

Git / github.com/happyman/twmap

Affected ranges

Type
GIT
Repo
https://github.com/happyman/twmap
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

Other

del

v2.*

v2.70_3.76
v2.70_3.8
v2.72_3.8
v2.72_3.81
v2.73_3.85
v2.77_3.86
v2.77_3.93
v2.77_3.97
v2.79_3.99
v2.79_4.02
v2.79_4.03
v2.7_3.76
v2.80_4.12
v2.81_4.12
v2.81_4.14
v2.81_4.15
v2.81_v4.16
v2.81_v4.20
v2.82_v4.25