CVE-2019-25335 PUBLISHED

PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass

Assigner: VulnCheck
Reserved: 12.02.2026 Published: 12.02.2026 Updated: 12.02.2026

PRO-7070 Hazır Profesyonel Web Sitesi version 1.0 contains an authentication bypass vulnerability in the administration panel login page. Attackers can bypass authentication by using '=' 'or' as both username and password to gain unauthorized access to the administrative interface.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
CVSS Score: 8.8

Product Status

Vendor Websitem
Product 7070 Hazır Profesyonel Web Sitesi
Versions
  • Version 1.0 is affected

Credits

  • Ahmet Ümit BAYRAM finder

References

Problem Types

  • Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE