zjasonshen/contentManagementSystem

Releases0

Codepath Web Security Course

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-25300 ↗	Feb 6, 2026Friday, 6 February 2026, 17:16	7.1 HIGH	—
thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or modify database information.
CVE-2019-25303 ↗	Feb 6, 2026Friday, 6 February 2026, 17:16	7.1 HIGH	—
TheJshen ContentManagementSystem 1.04 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to extract or manipulate database information by crafting malicious query payloads.