Cyber Resilience

CVE-2019-25444

High · Public PoC

Published: 20 February 2026

Modified: 02 March 2026
CVSS Score v4: 8.8 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0037 (29.0th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2019-25444 is a high-severity SQL Injection (CWE-89) vulnerability in Phpscriptsmall Fiverr Clone Script. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 29.0th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2019-25444 is an SQL injection vulnerability (CWE-89) affecting Fiverr Clone Script version 1.2.2. The issue resides in the handling of the "page" parameter, which fails to properly sanitize user input, allowing attackers to inject arbitrary SQL code into database queries. Published on 2026-02-20, it carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N), reflecting high severity due to its potential for critical impacts on confidentiality and integrity.

Unauthenticated remote attackers can exploit this vulnerability by supplying malicious SQL syntax in the page parameter, manipulating database queries without requiring privileges or user interaction. Exploitation enables extraction of sensitive database information, such as user credentials or other confidential data, as well as modification of database contents, potentially leading to data tampering or unauthorized access escalations.

Advisories and exploit details are documented in references including Exploit-DB (https://www.exploit-db.com/exploits/46637) and Vulncheck (https://www.vulncheck.com/advisories/fiverr-clone-script-sql-injection-via-page-parameter), which outline the vulnerability and proof-of-concept exploitation.

Vulnerability details

Fiverr Clone Script 1.2.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the page parameter. Attackers can supply malicious SQL syntax in the page parameter to extract sensitive database information or modify database contents.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 · Exploit Public-Facing Application · Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1213.006 · Databases · Collection
Adversaries may leverage databases to mine valuable information.

T1565.001 · Stored Data Manipulation · Impact
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.

Why these techniques?

SQL injection in a public web application directly enables remote exploitation (T1190), and it facilitates database data access (T1213.006) and stored data tampering (T1565.001).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2019-25680 · Same vendor: Phpscriptsmall
CVE-2019-25668 · Same vendor: Phpscriptsmall
CVE-2019-25676 · Same vendor: Phpscriptsmall
CVE-2025-13379 · Shared CWE-89
CVE-2026-48231 · Shared CWE-89
CVE-2026-30881 · Shared CWE-89
CVE-2026-27743 · Shared CWE-89
CVE-2026-40836 · Shared CWE-89
CVE-2025-26136 · Shared CWE-89
CVE-2025-22210 · Shared CWE-89

Affected Assets

Vendor: phpscriptsmall
Product: fiverr clone script
Version: 1.2.2

Mitigating Controls (NIST 800-53 r5) (AI)

Prevent: SI-10 requires validation of user-supplied inputs like the page parameter to prevent SQL injection by rejecting or sanitizing malicious SQL code.

Prevent: SI-9 restricts the page parameter to safe values such as integers, blocking arbitrary SQL injection attempts.

Prevent: SI-2 mandates timely identification, reporting, and patching of flaws like this SQL injection vulnerability in Fiverr Clone Script 1.2.2.
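
The input-validation controls above, shown as an added example (not code from Fiverr Clone Script or from the referenced advisories): strict integer validation of a page parameter followed by a bound-parameter query. It assumes the parameter is a pagination number; the `gigs` table, the function names, the constants and the in-memory SQLite database are hypothetical, and the sample inputs are constructed.

```php
<?php
declare(strict_types=1);

const PAGE_SIZE = 10;   // assumed page size
const MAX_PAGE  = 1000; // assumed upper bound on page numbers

/** Return the page as an int, or null unless $raw is a plain decimal in [1, MAX_PAGE]. */
function parse_page($raw): ?int
{
    // Arrays (?page[]=1), missing values, signs, quotes and whitespace fail here.
    if (!is_string($raw) || !ctype_digit($raw)) {
        return null;
    }
    // Range check; also rejects leading zeros and values that overflow an int.
    $page = filter_var($raw, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => MAX_PAGE]]);
    return $page === false ? null : $page;
}

/** Fetch one page of rows; the page number never becomes part of the SQL text. */
function fetch_page(PDO $db, int $page): array
{
    $stmt = $db->prepare(
        'SELECT id, title FROM gigs ORDER BY id LIMIT :limit OFFSET :offset');
    // Bind as integers: with emulated prepares, string binds are quoted
    // and MySQL rejects a quoted value in LIMIT/OFFSET.
    $stmt->bindValue(':limit', PAGE_SIZE, PDO::PARAM_INT);
    $stmt->bindValue(':offset', ($page - 1) * PAGE_SIZE, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed demo data in an in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE gigs (id INTEGER PRIMARY KEY, title TEXT)');
$ins = $db->prepare('INSERT INTO gigs (title) VALUES (?)');
for ($i = 1; $i <= 25; $i++) {
    $ins->execute(["gig $i"]);
}

// Constructed inputs: one valid page, then values the validator must refuse.
foreach (['2', '0', '-1', '1 OR 1=1', "3'", '99999999999999999999', ['1']] as $raw) {
    $page = parse_page($raw);
    $label = json_encode($raw);
    if ($page === null) {
        echo "$label -> rejected (respond with HTTP 400)\n";
        continue;
    }
    echo "$label -> page $page, " . count(fetch_page($db, $page)) . " rows\n";
}
```

Validation and parameter binding are independent layers: the query stays safe even if a caller skips `parse_page`, and rejected values are worth logging because they are a cheap signal of probing against the parameter.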