CyberSec.Space Logo
Back to CVE Browser

CVE-2019-25540

HIGH
8.2
CVSS Severity Score
EPSS Score0.0160%
EPSS Percentile27.62th
PublishedMar 12, 2026
Last ModifiedMar 23, 2026

Vulnerability Description

Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attackers can craft malicious requests with SQL payloads to extract sensitive database information including user credentials and system data.

Affected Platforms (CPE)

📦
Netartmedia

Php Mall

= 4.1

References & Advisories

🔗 https://www.exploit-db.com/exploits/46562
🔗 https://www.vulncheck.com/advisories/netartmedia-php-mall-multiple-sql-injection

Related Vulnerabilities

CVE-2017-179289.8

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter.

CVE-2017-179319.8

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter.

CVE-2017-179069.8

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.

CVE-2017-179519.8

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.