What is CVE-2019-25680?

CVE-2019-25680 is a high-severity vulnerability in Phpscriptsmall Advance Gift Shop Pro Script, classified under SQL Injection. CVSS score: 8.2/10. Published 2026-04-05.

How severe is CVE-2019-25680?

High severity. CVSS v3 base score is 8.2 out of 10.

SQL Injection in Phpscriptsmall Advance Gift Shop Pro Script

CVE-2019-25680

Advance Gift Shop Pro Script 2.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can submit crafted SQL pa…

Vulnerability class: SQL Injection

EPSS: 0.001 (33.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.

Affected products

Phpscriptsmall Advance Gift Shop Pro Script — versions 2.0.3

Weakness classification (CWE)

CWE-89 — SQL Injection

References

ExploitDB-46457 (exploit)
Official Product Homepage (product)
VulnCheck Advisory: Advance Gift Shop Pro Script 2.0.3 SQL Injection via search (third-party-advisory)

Frequently asked questions

What is CVE-2019-25680?: CVE-2019-25680 is a high-severity vulnerability in Phpscriptsmall Advance Gift Shop Pro Script, classified under SQL Injection. CVSS score: 8.2/10. Published 2026-04-05.
How severe is CVE-2019-25680?: High severity. CVSS v3 base score is 8.2 out of 10.