https://feed.craftedsignal.io/tags/cve-2019-25640/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 24 Mar 2026 12:16:05 +0000https://feed.craftedsignal.io/briefs/2026-03-inout-article-sql-injection/Tue, 24 Mar 2026 12:16:05 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-inout-article-sql-injection/Inout Article Base CMS is vulnerable to SQL injection, allowing unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters via XOR-based payloads in GET requests to portalLogin.php, potentially leading to sensitive information extraction or denial-of-service.Inout Article Base CMS is susceptible to SQL injection vulnerabilities (CVE-2019-25640). Unauthenticated attackers can exploit these vulnerabilities by manipulating database queries via the ‘p’ and ‘u’ parameters in GET requests to the portalLogin.php script. The attack leverages XOR-based SQL injection payloads. Successful exploitation can allow attackers to extract sensitive database information or cause a denial of service through time-based attacks. This vulnerability poses a significant…

]]>highadvisorysql-injectioncve-2019-25640inout-article-base-cms