CVE-2019-25531

Sažetak

Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authentication mechanisms.

Reference

https://www.exploit-db.com/exploits/46582
https://www.vulncheck.com/advisories/netartmedia-deals-portal-lastest-sql-injection-via-loginaction-php

CVSS

Base:	8.2
Impact:	4.2
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Zadnje važnije ažuriranje

12-03-2026 - 21:07

Objavljeno

12-03-2026 - 16:16