top of page
perceptive_background_267k.jpg

Placeto CMS Alpha rv.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through …

Published:

11 March 2026 at 23:00:00

Alert date:

12 March 2026 at 17:15:30

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Database & Storage

CVE-2019-25529 affects Placeto CMS Alpha rv.4, allowing authenticated attackers to perform SQL injection attacks through the 'page' parameter in the admin/edit.php endpoint. Attackers can manipulate database queries using boolean-based blind, time-based blind, or union-based techniques to extract sensitive database information. The vulnerability requires authentication but enables significant database compromise once exploited.

Technical details

Mitigation steps:

Affected products:

Placeto CMS Alpha rv.4

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2019-25529
https://sourceforge.net/projects/placeto/
https://sourceforge.net/projects/placeto/files/alpha-rv.4/placeto.zip
https://www.exploit-db.com/exploits/46588
https://www.vulncheck.com/advisories/placeto-cms-alpha-rv-4-sql-injection-via-page-parameter

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page