CVE-2019-25575
SQL Injection in SimplePress CMS 1.0.7 Exposes Sensitive Data
Publication date: 2026-03-21
Last updated on: 2026-04-15
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| simplepresscms | simplepress_cms | to 1.0.7 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2019-25575 is an SQL injection vulnerability in SimplePress CMS version 1.0.7. It allows unauthenticated attackers to inject malicious SQL code through the 'p' and 's' parameters in HTTP GET requests."}, {'type': 'paragraph', 'content': 'By exploiting this flaw, attackers can execute arbitrary SQL queries on the backend database, enabling them to retrieve sensitive information such as usernames, database names, and version details.'}, {'type': 'paragraph', 'content': 'The vulnerability works by sending specially crafted SQL UNION SELECT statements through these parameters, which manipulate the database queries and cause the server to return the injected data within the HTTP response.'}] [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized disclosure of sensitive database information, including usernames and database details.
Attackers do not need any authentication or user interaction to exploit this flaw, making it easier to compromise the system remotely.
While the impact on data confidentiality is high, the integrity impact is low and there is no impact on availability, meaning attackers primarily gain read access to sensitive data without disrupting service.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability can be detected by sending crafted HTTP GET requests to the SimplePress CMS server targeting the 'p' and 's' parameters with SQL injection payloads."}, {'type': 'paragraph', 'content': 'A common detection method involves injecting encoded UNION SELECT statements that call database functions such as USER(), DATABASE(), and VERSION() to confirm if the server is vulnerable.'}, {'type': 'paragraph', 'content': 'If the server responds with HTTP 200 OK and the injected SQL query output is embedded in the HTML response, it indicates successful exploitation and confirms the vulnerability.'}, {'type': 'paragraph', 'content': 'Example command using curl to test the vulnerability:'}, {'type': 'list_item', 'content': 'curl "http://target-site.com/index.php?p=1 UNION SELECT 1,USER(),DATABASE(),VERSION()--&s=1"'}, {'type': 'paragraph', 'content': 'Replace "http://target-site.com/index.php" with the actual URL of the SimplePress CMS instance. Observe the response for database user, name, or version details indicating vulnerability.'}] [1, 2]
What immediate steps should I take to mitigate this vulnerability?
I don't know