{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2019-25697/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":8.2,"id":"CVE-2019-25697"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["sqli","cve-2019-25697","webserver"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCMSsite 1.0 is susceptible to an SQL injection vulnerability (CVE-2019-25697) within the category.php script. This flaw allows unauthenticated, remote attackers to inject arbitrary SQL commands by manipulating the \u003ccode\u003ecat_id\u003c/code\u003e GET parameter. Successful exploitation could lead to the disclosure of sensitive information stored within the database, including user credentials and other application data. Given the ease of exploitation and the potential impact, this vulnerability poses a significant risk to organizations using the affected CMSsite version. The vulnerability was reported to NVD and assigned a CVSS v3.1 score of 8.2, indicating high severity.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a CMSsite 1.0 installation.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP GET request targeting \u003ccode\u003ecategory.php\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker injects SQL code into the \u003ccode\u003ecat_id\u003c/code\u003e parameter of the GET request, for example: \u003ccode\u003ecategory.php?cat_id=1' OR '1'='1\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe web server processes the request and passes the tainted \u003ccode\u003ecat_id\u003c/code\u003e value to the underlying SQL database.\u003c/li\u003e\n\u003cli\u003eThe injected SQL code manipulates the database query, potentially bypassing intended security checks.\u003c/li\u003e\n\u003cli\u003eThe database executes the modified query, returning sensitive data to the web server.\u003c/li\u003e\n\u003cli\u003eThe web server includes the extracted data in the HTTP response.\u003c/li\u003e\n\u003cli\u003eThe attacker parses the HTTP response to extract sensitive information such as usernames, passwords, or other confidential data.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability allows an unauthenticated attacker to read sensitive information from the CMSsite 1.0 database. This can lead to complete compromise of the application, including unauthorized access to user accounts, exposure of confidential data, and potential further attacks on the underlying system. Given the lack of required authentication, any CMSsite 1.0 instance exposed to the internet is a potential target.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply appropriate input validation and sanitization to the \u003ccode\u003ecat_id\u003c/code\u003e parameter in \u003ccode\u003ecategory.php\u003c/code\u003e to prevent SQL injection.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Suspicious GET Requests to category.php with SQL Injection Attempts\u0026rdquo; to identify exploitation attempts in web server logs.\u003c/li\u003e\n\u003cli\u003eRestrict database access privileges to the minimum necessary for the application to function.\u003c/li\u003e\n\u003cli\u003eConsider upgrading to a more secure CMS solution or applying a patch if one becomes available.\u003c/li\u003e\n\u003cli\u003eEnable web server logging and monitor for unusual activity, paying close attention to GET requests targeting \u003ccode\u003ecategory.php\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eImplement parameterized queries or prepared statements to prevent SQL injection vulnerabilities when interacting with the database.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-12T13:16:32Z","date_published":"2026-04-12T13:16:32Z","id":"/briefs/2026-04-cmssite-sqli/","summary":"CMSsite 1.0 is vulnerable to unauthenticated SQL injection (CVE-2019-25697) via the cat_id parameter in category.php, allowing attackers to extract sensitive database information.","title":"CMSsite 1.0 SQL Injection Vulnerability (CVE-2019-25697)","url":"https://feed.craftedsignal.io/briefs/2026-04-cmssite-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2019-25697","version":"https://jsonfeed.org/version/1.1"}