CVE-2019-25535

Name of the Vulnerable Software and Affected Versions Netartmedia PHP Dating Site (affected versions not specified)

Description The software contains a SQL injection issue that allows unauthenticated attackers to manipulate database queries. Attackers can inject SQL code through the Email parameter. By sending POST requests to the ''loginaction.php'' endpoint with time-based SQL injection payloads in the Email field, attackers can extract sensitive database information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.