Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Netartmedia Real Estate Portal 5.0 allows unauthorized database access
CVE-2019-25542
Summary
If left unpatched, unauthenticated attackers can inject malicious code into the database through the user email field, potentially stealing sensitive information or making unauthorized changes. This is a serious security risk that requires immediate attention. Update the software to the latest version to fix this issue.
Original title
Netartmedia Real Estate Portal 5.0 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user_email parameter...
Original description
Netartmedia Real Estate Portal 5.0 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user_email parameter. Attackers can send POST requests to index.php with malicious payloads in the user_email field to bypass authentication, extract sensitive data, or modify database contents.
nvd CVSS3.1
8.2
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026