CVE-2019-25444

CRITICAL

Fiverr Clone Script 1.2.2 - SQL Injection

Title source: llm

Description

Fiverr Clone Script 1.2.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the page parameter. Attackers can supply malicious SQL syntax in the page parameter to extract sensitive database information or modify database contents.

Exploits (1)

exploitdb WORKING POC

by Mr Winst0n · textwebappsphp

https://www.exploit-db.com/exploits/46637

View Code ZIP pw:eip

References (2)

[Third Party Advisory] https://www.vulncheck.com/advisories/fiverr-clone-script-sql-injection-via-page-parameter

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/46637

Scores

CVSS v3 9.1

EPSS 0.0009

EPSS Percentile 25.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-89

Status published

Products (2)

Phpscriptsmall/Fiverr Clone Script 1.2.2

phpscriptsmall/fiverr_clone_script 1.2.2

Published Feb 20, 2026

Tracked Since Feb 21, 2026