Home / Vulnerability Intelligence / CVE-2019-25540

CVE-2019-25540 - Vulnerability Analysis

HighCVSS: 8.2

Last Updated: March 12, 2026

Netartmedia PHP Mall - SQL Injection

Published: March 12, 2026Updated: March 12, 2026Remote Exploitable

Overview

Netartmedia PHP Mall 4.1 contains multiple sql injection vulnerabilities caused by unsanitized input in various parameters, letting unauthenticated attackers extract sensitive database information, exploit requires crafted malicious requests.

Severity & Score

Severity: High

CVSS Score: 8.2

Impact

Unauthenticated attackers can extract sensitive database information including user credentials and system data.

Mitigation

Update to the latest version of Netartmedia PHP Mall.

References

https://www.exploit-db.com/exploits/46562
https://www.vulncheck.com/advisories/netartmedia-php-mall-multiple-sql-injection

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2019-25540
Severity: High
CVSS Score: 8.2
Type: sql_injection
Status: unconfirmed

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N