{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25697", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-05T15:35:39.786Z", "datePublished": "2026-04-12T12:28:48.309Z", "dateUpdated": "2026-04-12T12:28:48.309Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-12T12:28:48.309Z"}, "datePublic": "2019-01-28T00:00:00.000Z", "title": "CMSsite 1.0 SQL Injection via category.php", "descriptions": [{"lang": "en", "value": "CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send GET requests to category.php with malicious cat_id values to extract sensitive database information including usernames and credentials."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "cweId": "CWE-89", "type": "CWE"}]}], "affected": [{"vendor": "VictorAlagwu", "product": "CMSsite", "versions": [{"version": "1.0", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.8, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46259", "name": "ExploitDB-46259", "tags": ["exploit"]}, {"url": "https://github.com/VictorAlagwu/CMSsite/archive/master.zip", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: CMSsite 1.0 SQL Injection via category.php", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/cmssite-sql-injection-via-category-php"}], "credits": [{"lang": "en", "value": "Majid kalantari (mjd.hack@gmail.com)", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send GET requests to category.php with malicious cat_id values to extract sensitive database information including usernames and credentials."}], "id": "CVE-2019-25697", "lastModified": "2026-04-12T13:16:32.603", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-12T13:16:32.603", "references": [{"source": "disclosure@vulncheck.com", "url": "https://github.com/VictorAlagwu/CMSsite/archive/master.zip"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/46259"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/cmssite-sql-injection-via-category-php"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "CMSsite", "source": "cna", "vendor": "VictorAlagwu"}, "product": "cmssite", "vendor": "victoralagwu"}], "analysis": {"en": {"generated_at": "2026-04-12T13:23:24.591355+00:00", "value": {"mitigation_remediation": ["Update CMSsite to a version that removes the SQL injection flaw or, if unavailable, apply the vendor\u2019s patch when released.", "Modify the application to use prepared statements or parameterized queries for the cat_id input.", "Restrict direct access to category.php from the web, allowing only trusted roles or IP addresses.", "Validate and sanitize all user input on the cat_id parameter, rejecting non\u2011numeric values.", "Monitor web traffic for unusual GET requests to category.php and alert on potential injection attempts."], "summary": {"action": "Apply Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "VictorAlagwu\u2019s CMSsite version 1.0 is affected. Users running this CMS on any environment where category.php is reachable and the cat_id parameter accepts user input without validation are exposed. The problem is confined to the open\u2011source codebase provided by the vendor; no other products or versions were identified.", "description_and_impact": "The vulnerability in CMSsite 1.0 is a classic SQL injection where an attacker can embed arbitrary SQL code into the cat_id parameter of category.php. By crafting a malicious value and sending a simple HTTP GET request, an unauthenticated user can cause the application to perform unintended database operations. The exploit allows extraction of sensitive data such as usernames and passwords, thereby compromising the confidentiality of the system's user accounts.", "risk_and_exploitability": "The CVSS score of 8.8 classifies the flaw as critical, and while there is no EPSS data available, the lack of requirement for authentication and the simplicity of the GET request suggest a high likelihood of exploitation once a vulnerable instance is discovered. The vulnerability is not listed in the KEV catalog, indicating that no publicly known exploits have been reported yet, but the attack vector is remote over the network and could be automated. Organizations should treat this as a high\u2011priority risk until a fix is applied."}}}}, "created": "2026-04-13T12:41:18.407795+00:00", "updated": "2026-04-13T12:55:57.209131+00:00", "vendors": ["victoralagwu", "victoralagwu$PRODUCT$cmssite"]}