{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25662", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-05T12:59:40.774Z", "datePublished": "2026-04-05T20:45:16.812Z", "dateUpdated": "2026-04-06T18:49:15.342Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-05T20:45:16.812Z"}, "datePublic": "2019-02-01T00:00:00.000Z", "title": "ResourceSpace 8.6 SQL Injection via watched_searches.php", "descriptions": [{"lang": "en", "value": "ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watched_searches.php endpoint with crafted SQL payloads to extract sensitive database information including usernames and credentials."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "cweId": "CWE-89", "type": "CWE"}]}], "affected": [{"vendor": "Montala", "product": "ResourceSpace", "versions": [{"version": "8.6", "status": "affected"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:montala:resourcespace:8.6:*:*:*:*:*:*:*"}]}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.8, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46308", "name": "ExploitDB-46308", "tags": ["exploit"]}, {"url": "https://www.resourcespace.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://www.resourcespace.com/get", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: ResourceSpace 8.6 SQL Injection via watched_searches.php", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/resourcespace-sql-injection-via-watched-searches-php"}], "credits": [{"lang": "en", "value": "dd_ (info@malicious.group)", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T18:48:33.377689Z", "id": "CVE-2019-25662", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T18:49:15.342Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25662", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T18:48:33.377689Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T18:49:06.083Z"}}], "cna": {"title": "ResourceSpace 8.6 SQL Injection via watched_searches.php", "credits": [{"lang": "en", "type": "finder", "value": "dd_ (info@malicious.group)"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.8, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Montala", "product": "ResourceSpace", "versions": [{"status": "affected", "version": "8.6"}]}], "datePublic": "2019-02-01T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46308", "name": "ExploitDB-46308", "tags": ["exploit"]}, {"url": "https://www.resourcespace.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://www.resourcespace.com/get", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/resourcespace-sql-injection-via-watched-searches-php", "name": "VulnCheck Advisory: ResourceSpace 8.6 SQL Injection via watched_searches.php", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watched_searches.php endpoint with crafted SQL payloads to extract sensitive database information including usernames and credentials."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:montala:resourcespace:8.6:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-05T20:45:16.812Z"}}}, "cveMetadata": {"cveId": "CVE-2019-25662", "state": "PUBLISHED", "dateUpdated": "2026-04-06T18:49:15.342Z", "dateReserved": "2026-04-05T12:59:40.774Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-05T20:45:16.812Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'ref' parameter. Attackers can send GET requests to the watched_searches.php endpoint with crafted SQL payloads to extract sensitive database information including usernames and credentials."}], "id": "CVE-2019-25662", "lastModified": "2026-04-07T13:20:35.010", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-05T21:16:43.223", "references": [{"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/46308"}, {"source": "disclosure@vulncheck.com", "url": "https://www.resourcespace.com/"}, {"source": "disclosure@vulncheck.com", "url": "https://www.resourcespace.com/get"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/resourcespace-sql-injection-via-watched-searches-php"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "8.6"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "ResourceSpace", "source": "cna", "vendor": "Montala"}, "product": "resourcespace", "vendor": "montala"}], "analysis": {"en": {"generated_at": "2026-04-05T23:27:31.146037+00:00", "value": {"mitigation_remediation": ["Apply the latest patch or upgrade to a non\u2011vulnerable version of ResourceSpace.", "Restrict or remove external access to the watched_searches.php file, ensuring only authenticated and authorized users can reach it.", "Implement input validation or prepared statements for the 'ref' parameter to prevent SQL injection.", "Monitor application logs for suspicious request patterns targeting watched_searches.php."], "summary": {"action": "Immediate Patch", "impact": "Unauthorized Database Access"}, "threat_synthesis": {"affected_systems": "Montala\u2019s ResourceSpace content management system, specifically version 8.6, is affected as documented by the vendor and the CPE identifier cpe:2.3:a:montala:resourcespace:8.6. No other versions or products are listed as vulnerable in the provided data.", "description_and_impact": "The vulnerability allows an unauthenticated attacker to inject arbitrary SQL code through the 'ref' parameter in the watched_searches.php endpoint. This injection can be used to execute any SQL query, enabling the attacker to read, modify, or delete sensitive data stored in the database, such as usernames and credential information. The weakness is a classic SQL Injection (CWE\u201189) and can lead to full compromise of the underlying data store.", "risk_and_exploitability": "The CVSS score of 8.8 indicates a high severity level, and while an EPSS rating is unavailable, the lack of authentication requirement makes the attack path straightforward \u2013 a crafted GET request to watched_searches.php can trigger the exploitation. The vulnerability is not listed in the CISA KEV catalog, yet its potential for data exfiltration and database compromise warrants serious attention. The exploit is likely to succeed on deployments that expose the watched_searches.php endpoint to the internet or to untrusted users."}}}}, "created": "2026-04-06T20:22:54.811067+00:00", "updated": "2026-04-06T21:56:15.440835+00:00", "vendors": ["montala", "montala$PRODUCT$resourcespace"]}