top of page
perceptive_background_267k.jpg

Netartmedia Event Portal 2.0 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by inj…

Published:

11 maart 2026 om 23:00:00

Alert date:

12 maart 2026 om 17:15:30

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Database & Storage

CVE-2019-25537 affects Netartmedia Event Portal 2.0 with a time-based blind SQL injection vulnerability in the Email parameter of loginaction.php. Unauthenticated attackers can manipulate database queries by sending malicious POST requests with SQL payloads in the Email field. This vulnerability allows extraction of sensitive database information through time-based blind SQL injection techniques. The vulnerability is accessible without authentication, making it particularly dangerous for exposed installations.

Technical details

Mitigation steps:

Affected products:

Netartmedia Event Portal

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2019-25537
https://www.exploit-db.com/exploits/46560
https://www.vulncheck.com/advisories/netartmedia-event-portal-sql-injection-via-loginaction-php

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page