CVE-2025-2652

23.03.2025, 15:15

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to exposure of information through directory listing. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. Multiple sub-directories are affected.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
VulDB	CNA	5.3 MEDIUM				CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 18%

Vendor	Product	Version
oretnom23	employee_and_visitor_gate_pass_logging_system	1.0

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-548 - Exposure of Information Through Directory Listing
A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers.

References

https://github.com/happytraveller-alone/cve/blob/main/dir.md

https://vuldb.com/?ctiid.300667

https://vuldb.com/?id.300667

https://vuldb.com/?submit.519876

https://www.sourcecodester.com/

https://github.com/happytraveller-alone/cve/blob/main/dir.md