Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
iScripts ReserveLogic allows unauthorized database data extraction
CVE-2019-25481
Summary
iScripts ReserveLogic has a security weakness that lets attackers steal sensitive information from its database without needing a password. This affects systems using iScripts ReserveLogic. Update the software to the latest version to fix this issue.
Original title
iScripts ReserveLogic contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jqSearchDestination parameter. A...
Original description
iScripts ReserveLogic contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jqSearchDestination parameter. Attackers can send POST requests to the search endpoint with crafted SQL payloads to extract sensitive database information.
nvd CVSS3.1
8.2
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026