CVE-2019-25348

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

13 Feb 2026, 16:16

Type Values Removed Values Added
Summary (en) Computrols CBAS-Web 19.0.0 contains a boolean-based blind SQL injection vulnerability in the 'id' parameter that allows authenticated attackers to manipulate database queries. Attackers can exploit the vulnerability by crafting boolean-based SQL injection payloads in the 'id' parameter of the servers endpoint to extract or infer database information. (en) Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
References
  • {'url': 'https://www.computrols.com/building-automation-software/', 'source': 'disclosure@vulncheck.com'}
  • {'url': 'https://www.computrols.com/capabilities-cbas-web/', 'source': 'disclosure@vulncheck.com'}
  • {'url': 'https://www.exploit-db.com/exploits/47631', 'source': 'disclosure@vulncheck.com'}
  • {'url': 'https://www.vulncheck.com/advisories/cbas-web-id-boolean-based-blind-sql-injection', 'source': 'disclosure@vulncheck.com'}
CVSS v2 : unknown
v3 : 7.1
v2 : unknown
v3 : unknown
CWE CWE-89

12 Feb 2026, 20:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-02-12 20:16

Updated : 2026-02-13 16:16


NVD link : CVE-2019-25348

Mitre link : CVE-2019-25348

CVE.ORG link : CVE-2019-25348


JSON object : View

Products Affected

No product.

CWE

No CWE.