Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Netartmedia PHP Mall 4.1: Unauthenticated Access to Sensitive Database Data
CVE-2019-25540
Summary
The Netartmedia PHP Mall 4.1 software has a security weakness that allows hackers to access and manipulate sensitive user and system information without needing a password. This means that hackers can potentially steal user credentials and other important data. To protect your business, update the software to the latest version as soon as possible.
Original title
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attack...
Original description
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various parameters. Attackers can craft malicious requests with SQL payloads to extract sensitive database information including user credentials and system data.
nvd CVSS3.1
8.2
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026