CVE-2019-25531

Name of the Vulnerable Software and Affected Versions Netartmedia Deals Portal (affected versions not specified)

Description The software contains an SQL injection issue in the Email parameter of the loginaction.php file. Unauthenticated attackers can manipulate database queries by submitting crafted SQL payloads through POST requests. This allows attackers to potentially extract sensitive information or bypass authentication. The vulnerable parameter is Email and the affected API endpoint is loginaction.php.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.