Cyber Resilience

CVE-2019-25531

HighPublic PoC

Published: 12 March 2026

Published
12 March 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0030 21.9th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2019-25531 is a high-severity SQL Injection (CWE-89) vulnerability. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 21.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2019-25531 is an SQL injection vulnerability (CWE-89) affecting the Netartmedia Deals Portal, specifically in the Email parameter of the loginaction.php component. Published on 2026-03-12, it enables attackers to manipulate database queries through crafted inputs. The vulnerability carries a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N), indicating high confidentiality impact with low integrity impact and no availability impact.

Unauthenticated attackers can exploit this over the network with low attack complexity and no privileges or user interaction required. By submitting SQL payloads via POST requests to the Email parameter during login actions, they can extract sensitive information from the database or bypass authentication mechanisms.

Advisories and related resources, including a proof-of-concept on Exploit-DB and a Vulncheck advisory, provide details on the issue. Security practitioners should consult https://www.exploit-db.com/exploits/46582 and https://www.vulncheck.com/advisories/netartmedia-deals-portal-lastest-sql-injection-via-loginaction-php for exploitation demonstrations and potential mitigation guidance.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authentication mechanisms.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1213.006 Databases Collection
Adversaries may leverage databases to mine valuable information.
Why these techniques?

The SQL injection vulnerability in a public-facing web application directly enables exploitation of public-facing applications (T1190) and data extraction from databases (T1213.006) via crafted queries.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2018-25199Shared CWE-89
CVE-2026-27179Shared CWE-89
CVE-2025-0308Shared CWE-89
CVE-2019-25581Shared CWE-89
CVE-2026-27885Shared CWE-89
CVE-2019-25479Shared CWE-89
CVE-2026-1476Shared CWE-89
CVE-2019-25526Shared CWE-89
CVE-2025-69365Shared CWE-89
CVE-2019-25573Shared CWE-89

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation of the Email parameter input in loginaction.php to block SQL injection payloads and prevent database query manipulation.

prevent

Ensures identification, reporting, and correction of the specific SQL injection flaw in loginaction.php through systematic flaw remediation.

detect

Provides vulnerability scanning to detect the SQL injection vulnerability (CVE-2019-25531) in the Netartmedia Deals Portal for timely remediation.

References