CVE-2025-9848
HIGHDescription
A security vulnerability has been detected in ScriptAndTools Real Estate Management System 1.0. The affected element is an unknown function of the file /admin/userlist.php. Such manipulation leads to execution after redirect. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| scriptandtools | real_estate_management_system |
References
Frequently Asked Questions
What is CVE-2025-9848? +
How severe is CVE-2025-9848? +
What products are affected by CVE-2025-9848? +
How do I check if I'm vulnerable to CVE-2025-9848? +
Related Vulnerabilities
Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by …
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors …
A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part …
A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function …
The configuration pages available are not intended to be placed on an Internet facing web server, as they expose file …
A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is …