{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2019-25640/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["sql-injection","cve-2019-25640","inout-article-base-cms"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eInout Article Base CMS is susceptible to SQL injection vulnerabilities (CVE-2019-25640). Unauthenticated attackers can exploit these vulnerabilities by manipulating database queries via the \u0026lsquo;p\u0026rsquo; and \u0026lsquo;u\u0026rsquo; parameters in GET requests to the \u003ccode\u003eportalLogin.php\u003c/code\u003e script. The attack leverages XOR-based SQL injection payloads. Successful exploitation can allow attackers to extract sensitive database information or cause a denial of service through time-based attacks. This vulnerability poses a significant…\u003c/p\u003e\n","date_modified":"2026-03-24T12:16:05Z","date_published":"2026-03-24T12:16:05Z","id":"/briefs/2026-03-inout-article-sql-injection/","summary":"Inout Article Base CMS is vulnerable to SQL injection, allowing unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters via XOR-based payloads in GET requests to portalLogin.php, potentially leading to sensitive information extraction or denial-of-service.","title":"Inout Article Base CMS SQL Injection Vulnerability (CVE-2019-25640)","url":"https://feed.craftedsignal.io/briefs/2026-03-inout-article-sql-injection/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2019-25640","version":"https://jsonfeed.org/version/1.1"}