High severity8.2NVD Advisory· Published Mar 24, 2026· Updated Apr 15, 2026
CVE-2019-25635
CVE-2019-25635
Description
Zeeways Matrimony CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the profile_list endpoint. Attackers can inject SQL code via the up_cast, s_mother, and s_religion parameters to extract sensitive database information using time-based or error-based techniques.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:zeeways:matrimony_cms:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:zeeways:matrimony_cms:-:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/46603nvdExploitVDB Entry
- www.vulncheck.com/advisories/zeeways-matrimony-cms-lastest-sql-injection-via-profile-listnvdThird Party Advisory
- www.zeeways.com/matrimony-cms/4/productdetailnvdBroken Link
News mentions
0No linked articles in our index yet.