CVE-2025-6329
ScriptAndTools Real Estate Management System User Delete userdelete.php authorization
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file userdelete.php of the component User Delete Handler. The manipulation of the argument ID leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Eine Schwachstelle wurde in ScriptAndTools Real Estate Management System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code der Datei userdelete.php der Komponente User Delete Handler. Dank Manipulation des Arguments ID mit unbekannten Daten kann eine authorization bypass-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2025-06-19 CVE Reserved
- 2025-06-20 CVE Published
- 2025-06-20 CVE Updated
- 2025-06-20 First Exploit
- 2025-06-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-285: Improper Authorization
- CWE-639: Authorization Bypass Through User-Controlled Key
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
https://vuldb.com/?id.313325 | Technical Description | |
https://vuldb.com/?submit.596472 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://www.websecurityinsights.my.id/2025/06/script-and-tools-real-estate-management.html | 2025-06-20 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
ScriptAndTools Search vendor "ScriptAndTools" | Real Estate Management System Search vendor "ScriptAndTools" for product "Real Estate Management System" | 1.0 Search vendor "ScriptAndTools" for product "Real Estate Management System" and version "1.0" | en |
Affected
|