CVE-2019-25676
Published: 05 April 2026
Description
Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view parameter in list-details.php to execute arbitrary code or extract database information.
Mitigating Controls (NIST 800-53 r5)
Directly prevents both SQL injection via the view parameter and XSS via the cateid parameter by enforcing validity checks on untrusted URL inputs.
Addresses the XSS vulnerability by filtering malicious script tags from output generated from the user-controlled cateid parameter.
Ensures timely identification, reporting, and correction of the specific SQL injection and XSS flaws in Ask Expert Script 3.0.5.
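As an added illustration of the input-validation and output-filtering controls listed above (example code written for this page, not the vendor's scripts): the "view" and "cateid" parameters are validated as integer ids before use, the database query binds the value instead of concatenating it, and the reflected value is HTML-encoded on output. The table and column names, the PDO connection details and the assumption that both parameters are numeric ids are hypothetical.

```php
<?php
// Added example, not the vendor's code. Schema, DSN and the assumption that
// "view" and "cateid" are numeric ids are hypothetical.

$pdo = new PDO('mysql:host=localhost;dbname=askexpert;charset=utf8mb4', 'dbuser', 'dbpass', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // use server-side prepared statements
]);

// list-details.php: reject anything that is not a positive integer before it
// can reach the query (SQL injection, CWE-89).
$view = filter_input(INPUT_GET, 'view', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($view === false || $view === null) {
    http_response_code(400);
    exit('Invalid view parameter');
}
$stmt = $pdo->prepare('SELECT id, title, body FROM listings WHERE id = :id');
$stmt->bindValue(':id', $view, PDO::PARAM_INT); // bound as a parameter, never concatenated
$stmt->execute();
$listing = $stmt->fetch(PDO::FETCH_ASSOC);

// categorysearch.php: the value is reflected into the page, so it is validated
// on input and HTML-encoded on output (XSS, CWE-79). The encoding is kept even
// though the value is already an integer, so the output stays safe if the
// validation rule is later relaxed to accept free text.
$cateid = filter_input(INPUT_GET, 'cateid', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($cateid === false || $cateid === null) {
    http_response_code(400);
    exit('Invalid cateid parameter');
}
header('Content-Type: text/html; charset=UTF-8');
echo '<p>Category: ' . htmlspecialchars((string) $cateid, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</p>';
```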
Security Summary
CVE-2019-25676 is a high-severity vulnerability (CVSS v3.1 score of 8.2; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N) affecting Ask Expert Script version 3.0.5, involving cross-site scripting (CWE-79) and SQL injection (CWE-89) flaws. The XSS issue arises in the "cateid" parameter of categorysearch.php, where attackers can inject script tags. The SQL injection vulnerability exists in the "view" parameter of list-details.php, enabling injection of SQL code.
Unauthenticated remote attackers can exploit these issues with low complexity over the network. By manipulating the specified URL parameters, they can inject malicious script tags to execute arbitrary JavaScript in victims' browsers or inject SQL code to execute arbitrary queries, potentially extracting sensitive database information.
Advisories from VulnCheck (https://www.vulncheck.com/advisories/ask-expert-script-cross-site-scripting-sql-injection) and a proof-of-concept exploit on Exploit-DB (https://www.exploit-db.com/exploits/46426) detail the vulnerabilities, with the vendor site at http://www.phpscriptsmall.com/ also referenced. No specific patch or mitigation guidance is outlined in the provided details.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unauthenticated remote exploitation of a public-facing PHP web application via XSS and SQL injection directly enables T1190. SQL injection allows arbitrary database queries for sensitive data extraction, facilitating T1213.006.