VDB-329897 · CVE-2025-12227 · EUVD-2025-36084

projectworlds Gate Pass Management System 1.0 /add-pass.php କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ

Rakkoon nageenyaa kan ସମସ୍ୟାଜନକ jedhamuun beekamu projectworlds Gate Pass Management System 1.0 keessatti argameera. Miidhamni argame is hojii hin beekamne faayilii /add-pass.php keessa. Wanti jijjiirame gara କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ geessa. Rakkoo ibsuuf CWE yoo fayyadamte gara CWE-79 si geessa. Odeeffannoon kun yeroo 10/25/2025 maxxanfameera. Odeeffannoon kun buufachuuf github.com irratti argama. Dogoggorri kun CVE-2025-12227 jedhamee waamama. Weerara fageenya irraa jalqabuu ni danda'ama. Ibsa teeknikaa ni jira. Waan dabalataa ta’een, meeshaa balaa kana fayyadamuuf ni jira. Qorannoo miidhaa (exploit) uummataaf ifa taasifameera, kanaafis fayyadamuu ni danda'ama. Ammas, gatii exploit might be approx. USD $0-$5k yeroo ammaa irratti argamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ ta’uu isaa ibsameera. Exploit github.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatiin isaa daldala dhoksaa keessatti $0-$5k akka ta'e tilmaamameera. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

4 ଆଡାପ୍ଟେସନ୍ · 97 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 10/25/2025 07:02 PM	ଅଦ୍ୟତନ 1/3 10/27/2025 07:25 AM	ଅଦ୍ୟତନ 2/3 10/27/2025 08:11 AM	ଅଦ୍ୟତନ 3/3 10/28/2025 08:02 AM
cvss4_vuldb_btscore	2.0	2.0	2.0	2.0
advisory_date	1761343200 (10/25/2025)	1761343200 (10/25/2025)	1761343200 (10/25/2025)	1761343200 (10/25/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k
software_vendor	projectworlds	projectworlds	projectworlds	projectworlds
software_name	Gate Pass Management System	Gate Pass Management System	Gate Pass Management System	Gate Pass Management System
software_version	1.0	1.0	1.0	1.0
software_file	/add-pass.php	/add-pass.php	/add-pass.php	/add-pass.php
vulnerability_cwe	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)	CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)
vulnerability_risk	1	1	1	1
cvss3_vuldb_av	N	N	N	N
cvss3_vuldb_ac	L	L	L	L
cvss3_vuldb_pr	L	L	L	L
cvss3_vuldb_ui	R	R	R	R
cvss3_vuldb_s	U	U	U	U
cvss3_vuldb_c	N	N	N	N
cvss3_vuldb_i	L	L	L	L
cvss3_vuldb_a	N	N	N	N
cvss3_vuldb_e	P	P	P	P
cvss3_vuldb_rc	R	R	R	R
advisory_url	https://github.com/QIU-DIE/CVE/issues/8	https://github.com/QIU-DIE/CVE/issues/8	https://github.com/QIU-DIE/CVE/issues/8	https://github.com/QIU-DIE/CVE/issues/8
exploit_availability	1	1	1	1
exploit_publicity	1	1	1	1
exploit_url	https://github.com/QIU-DIE/CVE/issues/8	https://github.com/QIU-DIE/CVE/issues/8	https://github.com/QIU-DIE/CVE/issues/8	https://github.com/QIU-DIE/CVE/issues/8
source_cve	CVE-2025-12227	CVE-2025-12227	CVE-2025-12227	CVE-2025-12227
cna_responsible	VulDB	VulDB	VulDB	VulDB
software_type	Project Management Software	Project Management Software	Project Management Software	Project Management Software
cvss2_vuldb_av	N	N	N	N
cvss2_vuldb_ac	L	L	L	L
cvss2_vuldb_ci	N	N	N	N
cvss2_vuldb_ii	P	P	P	P
cvss2_vuldb_ai	N	N	N	N
cvss2_vuldb_e	POC	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR	UR
cvss4_vuldb_av	N	N	N	N
cvss4_vuldb_ac	L	L	L	L
cvss4_vuldb_pr	L	L	L	L
cvss4_vuldb_ui	P	P	P	P
cvss4_vuldb_vc	N	N	N	N
cvss4_vuldb_vi	L	L	L	L
cvss4_vuldb_va	N	N	N	N
cvss4_vuldb_e	P	P	P	P
cvss2_vuldb_au	S	S	S	S
cvss2_vuldb_rl	ND	ND	ND	ND
cvss3_vuldb_rl	X	X	X	X
cvss4_vuldb_at	N	N	N	N
cvss4_vuldb_sc	N	N	N	N
cvss4_vuldb_si	N	N	N	N
cvss4_vuldb_sa	N	N	N	N
cvss2_vuldb_basescore	4.0	4.0	4.0	4.0
cvss2_vuldb_tempscore	3.4	3.4	3.4	3.4
cvss3_vuldb_basescore	3.5	3.5	3.5	3.5
cvss3_vuldb_tempscore	3.2	3.2	3.2	3.2
cvss3_meta_basescore	3.5	3.5	3.5	4.1
cvss3_meta_tempscore	3.2	3.2	3.3	4.0
cvss4_vuldb_bscore	5.1	5.1	5.1	5.1
euvd_id		EUVD-2025-36084	EUVD-2025-36084	EUVD-2025-36084
cve_nvd_summary			A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.	A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
cvss4_cna_av			N	N
cvss4_cna_ac			L	L
cvss4_cna_at			N	N
cvss4_cna_pr			L	L
cvss4_cna_ui			P	P
cvss4_cna_vc			N	N
cvss4_cna_vi			L	L
cvss4_cna_va			N	N
cvss4_cna_sc			N	N
cvss4_cna_si			N	N
cvss4_cna_sa			N	N
cvss4_cna_bscore			5.1	5.1
cvss3_cna_av			N	N
cvss3_cna_ac			L	L
cvss3_cna_pr			L	L
cvss3_cna_ui			R	R
cvss3_cna_s			U	U
cvss3_cna_c			N	N
cvss3_cna_i			L	L
cvss3_cna_a			N	N
cvss3_cna_basescore			3.5	3.5
cvss2_cna_av			N	N
cvss2_cna_ac			L	L
cvss2_cna_au			S	S
cvss2_cna_ci			N	N
cvss2_cna_ii			P	P
cvss2_cna_ai			N	N
cvss2_cna_basescore			4.0	4.0
cvss3_nvd_av				N
cvss3_nvd_ac				L
cvss3_nvd_pr				L
cvss3_nvd_ui				R
cvss3_nvd_s				C
cvss3_nvd_c				L
cvss3_nvd_i				L
cvss3_nvd_a				N
cvss3_nvd_basescore				5.4

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Interested in the pricing of exploits?

See the underground prices here!