CVE-2019-25347 — thesystem App 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the username parameter. Attackers can inject malicious SQL code like ' or &# — CVE Database · The Intelligence Room