CYBERHAWK / CVE / CVE-2019-25728

CVE-2019-25728

Care2x

HIGH CVSS 8.2 other

The flaw

Multiple SQL injection vulnerabilities allow unauthenticated attackers to execute arbitrary SQL commands through ck_config cookie.

What to do

Update to version newer than 2.7 or sanitize cookie parameters

▸ Scan my repo for CVE-2019-25728

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-06-05 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits