CVE-2019-25516
SQL Injection in Jettweb PHP Script Allows Data Extraction
Publication date: 2026-03-12
Last updated on: 2026-03-17
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jettweb | php_stock_news_site_script | 1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25516 is a high-severity SQL injection vulnerability in the Jettweb PHP Hazir Haber Sitesi Scripti version 1.0 and earlier. It specifically affects the gallery.php file through the gallery_id parameter, which is not properly sanitized. This allows unauthenticated attackers to inject malicious SQL code via GET requests using UNION-based SQL injection techniques. By exploiting this flaw, attackers can manipulate database queries and extract sensitive information from the backend database.
How can this vulnerability impact me? :
This vulnerability allows attackers to execute arbitrary SQL queries on the affected application without authentication. As a result, attackers can extract sensitive data from the database, such as user information or other confidential records. Additionally, the vulnerability can lead to unauthorized access and data leakage, posing significant security risks to applications using this script.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by sending crafted GET requests to the gallery.php script with malicious payloads in the gallery_id parameter to test for SQL injection.'}, {'type': 'paragraph', 'content': 'A common detection method is to use UNION-based SQL injection payloads to see if the application returns database information or errors indicating vulnerability.'}, {'type': 'paragraph', 'content': 'For example, you can use curl or wget commands to send test requests like:'}, {'type': 'list_item', 'content': 'curl "http://target-site/gallery.php?gallery_id=1\' UNION SELECT 1,2,3-- -"'}, {'type': 'list_item', 'content': 'curl "http://target-site/gallery.php?gallery_id=1\' UNION SELECT 1,HEX(USER()),3-- -"'}, {'type': 'paragraph', 'content': 'If the response contains database information or unusual output, it indicates the presence of the SQL injection vulnerability.'}] [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Restrict access to the vulnerable gallery.php script by implementing firewall rules or IP whitelisting to limit exposure.
- Apply input validation and sanitization on the gallery_id parameter to prevent injection of malicious SQL code.
- Use prepared statements or parameterized queries in the application code to safely handle user inputs.
- If possible, update or patch the Jettweb PHP Hazir Haber Sitesi Scripti to a version that fixes this vulnerability.
- Monitor logs for suspicious requests targeting gallery.php with unusual parameters.