CVE-2025-60306

Exploit

EPSS 0.38%
Veröffentlicht 10.10.2025 00:00:00
Zuletzt bearbeitet 16.10.2025 15:40:45
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Code-projects ≫ Simple Car Rental System Version1.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.38%	0.299

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.9	3.1	6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://code-projects.com

Product

https://github.com/Chen1-Boop/CVE/blob/main/CVE-2025-60306.md

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-60306

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-60306

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-60306

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-60306