2 matches found
CVE-2019-25540
Netartmedia PHP Mall 4.1 is affected by multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries via various parameters. The attacks can exfiltrate sensitive data, including user credentials and system information. The description does not specify...
CVE-2019-25541
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through unvalidated parameters. The affected vectors include id in index.php and Email in loginaction.php, enabling time-based blind payloads to extract sen...