What is CVE-2019-25581?

CVE-2019-25581 is a high-severity vulnerability in I-doit Doit Cmdb, classified under SQL Injection. CVSS score: 8.2/10. Published 2026-03-21.

How severe is CVE-2019-25581?

High severity. CVSS v3 base score is 8.2 out of 10.

SQL Injection in I-doit Doit Cmdb

CVE-2019-25581

i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the objGroupID parameter. Attackers can send GET requests with crafted SQL…

Vulnerability class: SQL Injection

EPSS: 0.003 (49.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.

Affected products

I-doit Doit Cmdb — versions 1.12

Weakness classification (CWE)

CWE-89 — SQL Injection

References

ExploitDB-46134 (exploit)
Official Product Homepage (product)
Product Reference (product)
VulnCheck Advisory: i-doit CMDB 1.12 SQL Injection via objGroupID Parameter (third-party-advisory)

Frequently asked questions

What is CVE-2019-25581?: CVE-2019-25581 is a high-severity vulnerability in I-doit Doit Cmdb, classified under SQL Injection. CVSS score: 8.2/10. Published 2026-03-21.
How severe is CVE-2019-25581?: High severity. CVSS v3 base score is 8.2 out of 10.