Home Embedded Vulns General Vulns

CVE-2019-25536

HIGH 8.2

Our Analysis: esv

Our model has classified this vulnerability as relevant to esv Systems, helping your team prioritize efforts effectively.

Published Date March 12, 2026
Last Modified March 12, 2026
CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Description

Netartmedia PHP Real Estate Agency 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features[] parameter. Attackers can send POST requests to index.php with crafted SQL payloads in the features[] parameter to extract sensitive database information or manipulate database queries.

Potentially Affected Vendors