Cyber Resilience

CVE-2019-25693

Severity: High · Public PoC

Published: 12 April 2026

Modified: 17 April 2026
CVSS Score (v4): 7.1 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0002 (5.7th percentile)
Risk Priority: 14 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2019-25693 is a high-severity CSRF (CWE-352) vulnerability in Montala Resourcespace. Its CVSS base score is 7.1 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 5.7th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2019-25693 is an SQL injection vulnerability in ResourceSpace version 8.6. The issue affects the collection_edit.php component, where attackers can inject malicious SQL code through the keywords parameter in POST requests, enabling execution of arbitrary SQL queries.

Authenticated attackers with low privileges can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation allows extraction of sensitive database information, including schema names, user credentials, and other confidential data. The CVSS v3.1 base score is 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N), reflecting high confidentiality impact with low integrity impact and no availability impact. Associated CWEs are CWE-352 and CWE-89.

Advisories and related resources include a public exploit at https://www.exploit-db.com/exploits/46274, a VulnCheck advisory at https://www.vulncheck.com/advisories/resourcespace-sql-injection-via-collection-edit-php, and vendor pages at https://www.resourcespace.com/ and https://www.resourcespace.com/get. The CVE was published on 2026-04-12T13:16:32.270.


Vulnerability details

ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collection_edit.php. Attackers can submit POST requests with crafted SQL payloads in the keywords field to extract sensitive database information including schema names, user credentials, and other confidential data.


Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1552 Unsecured Credentials (Credential Access): Adversaries may search compromised systems to find and obtain insecurely stored credentials.
Why these techniques?

SQL injection in web app directly matches T1190 exploitation of public-facing application; enables DB credential extraction matching T1552 Unsecured Credentials.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2019-25662 (same product: Montala Resourcespace)
CVE-2020-37053 (shared CWE-89)
CVE-2026-34385 (shared CWE-89)
CVE-2025-25206 (shared CWE-89)
CVE-2026-39334 (shared CWE-89)
CVE-2024-13488 (shared CWE-89)
CVE-2025-23558 (shared CWE-352)
CVE-2026-20002 (shared CWE-89)
CVE-2025-1446 (shared CWE-89)
CVE-2025-23848 (shared CWE-352)

Affected Assets

montala resourcespace 8.6

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

SI-10 Information Input Validation (prevent): Directly prevents SQL injection attacks by requiring validation of the keywords parameter in collection_edit.php before incorporation into SQL queries.

SI-2 Flaw Remediation (prevent): Remediates the specific SQL injection flaw in ResourceSpace 8.6's collection_edit.php through timely identification, reporting, and correction.

Prevent: Enforces restrictions on the keywords parameter at the application boundary to block malicious SQL payloads in POST requests.
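As an added illustration, not ResourceSpace's own code, the following hypothetical PHP handler shows what the controls above look like for a keywords POST field: an anti-CSRF token check (CWE-352), input limits on the field (SI-10), and a parameterized query so user data never becomes part of the SQL text (CWE-89). The table and column names, the limits, and the database DSN are assumptions.

```php
<?php
// Hypothetical handler for a "keywords" POST field (illustration, not ResourceSpace code).
declare(strict_types=1);

session_start();

// CWE-352: the edit form must carry a per-session anti-CSRF token, compared in constant time.
function csrf_token_is_valid(array $post, array $session): bool
{
    if (empty($post['csrf_token']) || empty($session['csrf_token'])) {
        return false;
    }
    return hash_equals($session['csrf_token'], (string) $post['csrf_token']);
}

// SI-10: bound the field before it reaches the query (count and length limits are assumed).
function validate_keywords(string $raw): array
{
    $parts = preg_split('/\s*,\s*/', trim($raw), -1, PREG_SPLIT_NO_EMPTY);
    if (count($parts) > 50) {
        throw new InvalidArgumentException('too many keywords');
    }
    foreach ($parts as $kw) {
        if (strlen($kw) > 100) {
            throw new InvalidArgumentException('keyword too long');
        }
    }
    return $parts;
}

// CWE-89: one "?" placeholder per keyword; the driver sends values separately from the SQL.
// Table "keyword" with columns "ref" and "keyword" is an assumed schema.
function find_keyword_ids(PDO $db, array $keywords): array
{
    if ($keywords === []) {
        return [];
    }
    $placeholders = implode(',', array_fill(0, count($keywords), '?'));
    $stmt = $db->prepare("SELECT ref, keyword FROM keyword WHERE keyword IN ($placeholders)");
    $stmt->execute($keywords);
    return $stmt->fetchAll(PDO::FETCH_KEY_PAIR); // [ref => keyword]
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_token_is_valid($_POST, $_SESSION)) {
        http_response_code(403);
        exit('invalid request token');
    }
    // Native prepares (no emulation) keep the parameter binding on the server side.
    $pdo = new PDO('mysql:host=localhost;dbname=resourcespace', 'app_user', 'app_pass', [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
    $ids = find_keyword_ids($pdo, validate_keywords((string) ($_POST['keywords'] ?? '')));
}
```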
