ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.php, or anyfilestream.php with crafted SQL payloads in the IMG parameter to extract sensitive database information including version and database names.
PUBLISHED5.2CWE-434
ownDMS 4.7 SQL Injection via pdfstream.php imagestream.php
Problem type
Affected products
Owndms
ownDMS
4.7 - AFFECTED
References
ExploitDB-46168
https://www.exploit-db.com/exploits/46168
Official Product Homepage
http://www.owndms.com/
Product Reference
https://datapacket.dl.sourceforge.net/project/owndms/owndms_47.zip
VulnCheck Advisory: ownDMS 4.7 SQL Injection via pdfstream.php imagestream.php
https://www.vulncheck.com/advisories/owndms-sql-injection-via-pdfstream-php-imagestream-php
JSON source
https://cveawg.mitre.org/api/cve/CVE-2019-25580Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2019-25580",
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"dateUpdated": "2026-03-21T15:30:38.596Z",
"dateReserved": "2026-03-21T15:28:57.128Z",
"datePublished": "2026-03-21T15:30:38.596Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck",
"dateUpdated": "2026-03-21T15:30:38.596Z"
},
"title": "ownDMS 4.7 SQL Injection via pdfstream.php imagestream.php",
"descriptions": [
{
"lang": "en",
"value": "ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.php, or anyfilestream.php with crafted SQL payloads in the IMG parameter to extract sensitive database information including version and database names."
}
],
"affected": [
{
"vendor": "Owndms",
"product": "ownDMS",
"versions": [
{
"version": "4.7",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Unrestricted Upload of File with Dangerous Type",
"cweId": "CWE-434",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/46168",
"name": "ExploitDB-46168",
"tags": [
"exploit"
]
},
{
"url": "http://www.owndms.com/",
"name": "Official Product Homepage",
"tags": [
"product"
]
},
{
"url": "https://datapacket.dl.sourceforge.net/project/owndms/owndms_47.zip",
"name": "Product Reference",
"tags": [
"product"
]
},
{
"url": "https://www.vulncheck.com/advisories/owndms-sql-injection-via-pdfstream-php-imagestream-php",
"name": "VulnCheck Advisory: ownDMS 4.7 SQL Injection via pdfstream.php imagestream.php",
"tags": [
"third-party-advisory"
]
}
],
"metrics": [
{
"format": "CVSS"
},
{
"format": "CVSS",
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
}
}
],
"credits": [
{
"lang": "en",
"value": "Ihsan Sencan",
"type": "finder"
}
]
}
}
}