CVE-2019-25444

CRITICAL

Fiverr Clone Script 1.2.2 - SQL Injection

Title source: llm

Description

Fiverr Clone Script 1.2.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the page parameter. Attackers can supply malicious SQL syntax in the page parameter to extract sensitive database information or modify database contents.

Exploits (1)

exploitdb WORKING POC

by Mr Winst0n · textwebappsphp

https://www.exploit-db.com/exploits/46637

View Code ZIP pw:eip

References (2)

[Third Party Advisory] https://www.vulncheck.com/advisories/fiverr-clone-script-sql-injection-via-page-parameter

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/46637

Scores

CVSS v3 9.1

EPSS 0.0007

EPSS Percentile 21.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Classification

CWE

CWE-89

Status published

Affected Products (1)

phpscriptsmall/fiverr_clone_script

Timeline

Published Feb 20, 2026

Tracked Since Feb 21, 2026