SQL Injection Vulnerability in Netartmedia Real Estate Portal 5.0
CVE-2019-25542

8.8HIGH

Key Information:

Vendor: Netartmedia
Status: Netartmedia Real Estate Portal
Vendor: CVE Published:; 12 March 2026

🔔 Create Netartmedia Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2019-25542?

The Netartmedia Real Estate Portal 5.0 contains a SQL injection vulnerability that exposes the application to significant risks. By exploiting this flaw, attackers can send specially crafted POST requests to index.php, utilizing the user_email parameter to inject malicious SQL queries. This enables unauthorized users to manipulate database queries, potentially bypassing authentication mechanisms, extracting sensitive information, or making unauthorized modifications to the database. Prompt action is essential to secure affected installations and protect user data from exploitation.

Affected Version(s)

Netartmedia Real Estate Portal 5.0

References

https://www.exploit-db.com/exploits/46563

exploit

https://www.vulncheck.com/advisories/netartmedia-real-est...

third-party-advisory

CVSS V4

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Mar 12, 2026
👾
Exploit known to exist
Mar 12, 2026
Vulnerability published
Mar 12, 2026
Vulnerability Reserved
Mar 12, 2026

Credit

Ahmet Ümit BAYRAM

CVE-2019-25542 Data

JSON