Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
Netartmedia Deals Portal: Email Exposes Sensitive Data to Hackers
CVE-2019-25531
Summary
An attacker can use the Email field on the login page to access sensitive information and potentially take control of accounts without a password. This is a serious issue because it allows unauthorized access to user data. To fix this, the developer should update the loginaction.php file to prevent malicious SQL code from being executed.
Original title
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit...
Original description
Netartmedia Deals Portal contains an SQL injection vulnerability in the Email parameter of loginaction.php that allows unauthenticated attackers to manipulate database queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive information or bypass authentication mechanisms.
nvd CVSS3.1
8.2
nvd CVSS4.0
8.8
Vulnerability type
CWE-89
SQL Injection
Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026