PT-2026-25002 · Netart Media · Netart Media Real Estate Portal+1
Published
2026-03-12
·
Updated
2026-03-12
·
CVE-2019-25542
CVSS v3.1
8.2
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Netartmedia Real Estate Portal version 5.0
Description
The software contains a SQL injection issue that allows unauthenticated attackers to manipulate database queries. This is achieved by injecting SQL code through the
user email parameter. Attackers can send POST requests to the ''index.php'' endpoint with malicious payloads in the user email field. This can allow attackers to bypass authentication, extract sensitive data, or modify database contents.Recommendations
Apply a fix to sanitize the
user email parameter in POST requests to the ''index.php'' endpoint.Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netart Media Real Estate Portal
Sg Real Estate Portal