SQL Injection Vulnerabilities in Netartmedia PHP Mall by Netartmedia
CVE-2019-25540

8.8HIGH

Key Information:

Vendor: Netartmedia
Status: Netartmedia PHP Mall
Vendor: CVE Published:; 12 March 2026

🔔 Create Netartmedia Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2019-25540?

Netartmedia PHP Mall version 4.1 is susceptible to multiple SQL injection vulnerabilities that enable unauthenticated attackers to manipulate database queries. By injecting crafted SQL payloads through various parameters, attackers can execute unauthorized database operations, potentially exposing sensitive information such as user credentials and other critical system data. Addressing this vulnerability is crucial for maintaining data integrity and protecting user privacy.

Affected Version(s)

Netartmedia PHP Mall 4.1

References

https://www.exploit-db.com/exploits/46562

exploit

https://www.vulncheck.com/advisories/netartmedia-php-mall...

third-party-advisory

CVSS V4

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Mar 12, 2026
👾
Exploit known to exist
Mar 12, 2026
Vulnerability published
Mar 12, 2026
Vulnerability Reserved
Mar 12, 2026

Credit

Ahmet Ümit BAYRAM

CVE-2019-25540 Data

JSON