CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-25540

HIGH
8.2
CVSS Severity Score
EPSS Score0.0160%
EPSS Percentile27.62th
Published2026年3月12日
Last Modified2026年3月23日

Vulnerability Description

Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attackers can craft malicious requests with SQL payloads to extract sensitive database information including user credentials and system data.

Affected Platforms (CPE)

📦
Netartmedia

Php Mall

= 4.1

References & Advisories

🔗 https://www.exploit-db.com/exploits/46562
🔗 https://www.vulncheck.com/advisories/netartmedia-php-mall-multiple-sql-injection

相关漏洞威胁

CVE-2017-179289.8

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter.

CVE-2017-179319.8

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter.

CVE-2017-179069.8

PHP Scripts Mall Car Rental Script has SQL Injection via the admin/carlistedit.php carid parameter.

CVE-2017-179519.8

PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the shopping-cart.php cusid parameter.