Exploitation Summary
EIP tracks 1 public exploit for CVE-2019-25535. PoCs published by Ahmet Ümit BAYRAM.
AI-analyzed exploit summary The exploit demonstrates a time-based SQL injection vulnerability in Netartmedia Php Dating Site via the 'Email' POST parameter in loginaction.php. The payload uses XOR and sleep functions to confirm the vulnerability.
Description
Netartmedia PHP Dating Site contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to loginaction.php with time-based SQL injection payloads in the Email field to extract sensitive database information.
Exploits (1)
The exploit demonstrates a time-based SQL injection vulnerability in Netartmedia Php Dating Site via the 'Email' POST parameter in loginaction.php. The payload uses XOR and sleep functions to confirm the vulnerability.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N