CVE-2019-25543

HIGH

Netartmedia Real Estate Portal 5.0 - SQL Injection

Title source: llm

Description

Netartmedia Real Estate Portal 5.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the page parameter. Attackers can submit POST requests to index.php with malicious SQL payloads in the page field to bypass authentication, extract sensitive data, or modify database contents.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Ahmet Ümit BAYRAM · textwebappsphp

https://www.exploit-db.com/exploits/46563

View Code ZIP pw:eip

References (2)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/46563

[Third Party Advisory] https://www.vulncheck.com/advisories/netartmedia-real-estate-portal-sql-injection-via-index-php-2

Scores

CVSS v3 8.2

EPSS 0.0025

EPSS Percentile 48.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Details

CWE

CWE-89

Status published

Products (1)

netartmedia/real_estate_portal 5.0

Published Mar 12, 2026

Tracked Since Mar 12, 2026