CVE-2019-25521
SQL Injection in XooGallery gal.php Allows Data Manipulation
Publication date: 2026-03-12
Last updated on: 2026-03-23
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| xooscripts | xoogallery | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2019-25521 is a high-severity SQL injection vulnerability affecting XooGallery (latest versions). It exists in the gal.php script via the gal_id parameter, which is not properly sanitized. This flaw allows unauthenticated attackers to inject malicious SQL code by sending crafted GET requests with manipulated gal_id values.
Exploitation of this vulnerability enables attackers to manipulate database queries, potentially extracting sensitive information or modifying database contents.
How can this vulnerability impact me?
This vulnerability can have serious impacts including unauthorized access to sensitive database information and unauthorized modification of database contents.
Because the attack requires no privileges or user interaction and can be performed remotely over the network, it poses a significant risk to the confidentiality and integrity of the affected system's data. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This SQL injection vulnerability can be detected by sending crafted GET requests to the gal.php script with manipulated gal_id parameter values and observing the responses for signs of SQL injection.
Example commands to test for the vulnerability include using curl or similar tools to send requests with SQL injection payloads such as:
- curl "http://target-site/gal.php?gal_id=29' AND 2692=2692 AND 'WCFf'='WCFf"
- curl "http://target-site/gal.php?gal_id=29' OR '1'='1"
If the response indicates database errors or returns unexpected data, it suggests the presence of the SQL injection vulnerability. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Apply input validation and sanitization on the gal_id parameter to prevent SQL injection.
- Use prepared statements or parameterized queries in the gal.php script to safely handle user input.
- Restrict access to the vulnerable script if possible until a patch or fix is applied.
- Monitor web server logs for suspicious requests targeting gal.php with unusual gal_id values.
Additionally, check for updates or patches from the vendor and apply them as soon as they become available.
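The first two mitigation steps (validating gal_id and using a prepared statement) as an added PHP illustration. This is not XooGallery's code and not the vendor's fix: the table and column names, the `galleries` schema, the function names and the `$pdo` connection are all assumptions chosen to show the CWE-89 pattern the advisory describes beside its hardened form.

```php
<?php
// Added illustration of the CWE-89 pattern this advisory describes
// (a gallery id taken from the query string and spliced into SQL).
// Not XooGallery's actual code; table/column names, function names and
// the PDO connection ($pdo) are assumptions.

// VULNERABLE pattern: $_GET['gal_id'] is interpolated directly into the
// query, so any SQL syntax inside the parameter becomes part of the command.
function loadGalleryUnsafe(PDO $pdo, array $get): array
{
    $galId = $get['gal_id'] ?? '';
    $sql = "SELECT id, title FROM galleries WHERE id = '" . $galId . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// HARDENED version: validate the parameter as a positive integer first,
// then bind it to a prepared statement so it can only ever be data.
function loadGallerySafe(PDO $pdo, array $get): array
{
    // filter_var() returns false for anything that is not an integer >= 1,
    // so quote characters, operators and comments never reach the query.
    $galId = filter_var($get['gal_id'] ?? null, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 1],
    ]);
    if ($galId === false) {
        http_response_code(400); // reject and leave a clear marker in the access log
        return [];
    }

    $stmt = $pdo->prepare('SELECT id, title FROM galleries WHERE id = :id');
    $stmt->bindValue(':id', $galId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Usage (assumed DSN and credentials):
// $pdo = new PDO('mysql:host=localhost;dbname=gallery', $user, $pass, [
//     PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
//     PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepared statements
// ]);
// $rows = loadGallerySafe($pdo, $_GET);
```

Disabling `PDO::ATTR_EMULATE_PREPARES` makes the MySQL driver send the statement and the bound value separately instead of building the query text client-side. Rejecting non-integer values with a 400 response also supports the fourth mitigation step: requests for gal.php that receive a 400 become an easy filter when reviewing web server logs for unusual gal_id values.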