Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Inout EasyRooms Ultimate Edition SQL injection risk: sensitive data exposure
CVE-2019-25528
Summary
The Inout EasyRooms Ultimate Edition software has a security weakness that allows unauthorized users to access and modify sensitive data. This could lead to the theft of confidential information or disruption of the system. To protect your data, update the software to a fixed version or apply a patch as soon as possible.
Original title
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the property1 parame...
Original description
Inout EasyRooms Ultimate Edition v1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the property1 parameter. Attackers can send POST requests to the search/searchdetailed endpoint with malicious SQL payloads to extract sensitive data or modify database contents.
nvd CVSS3.1
8.2
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026