AI description
CVE-2025-31207 refers to a vulnerability found in SourceCodester Apartment Visitors Management System 1.0. It involves a SQL injection vulnerability affecting the processing of the `/add-apartment.php` file. Specifically, the `apartmentno` argument can be manipulated to inject SQL code. The attack can be initiated remotely, and the exploit is publicly available. It is possible that other parameters are also affected by this vulnerability. Another vulnerability with the ID CVE-2025-34028 exists in Commvault Command Center, where a path traversal vulnerability allows a remote, unauthenticated attacker to execute arbitrary code. Also, CVE-2025-31201 describes an arbitrary read and write vulnerability in Apple iOS, iPadOS, macOS, and other Apple products that allows an attacker to bypass Pointer Authentication.
- Description
- A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed apps.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 7.7
- Impact score
- 5.2
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-200
- Hype score
- Not currently trending
CVE-2025-31207 iOS 17 🏹iOS 18
@mohamedelshbly1
13 Jun 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Released a very basic App that uses CVE-2025-31207 (patched in 18.5) to detect if a App is installed on your device or not (requires their exact Bundle ID) https://t.co/kiQEsEKwFi
@c4ndyf1sh
20 May 2025
4282 Impressions
8 Retweets
62 Likes
15 Bookmarks
1 Reply
0 Quotes
CVE-2025-31207 A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed apps. https://t.co/mf7hrRtSep
@CVEnew
12 May 2025
436 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Not sure what it is yet, but looking forward to it cvelist/2025/31xxx/CVE-2025-31207.json at master · CVEProject/cvelist https://t.co/hLr8xBW1gU
@ichitaso
3 May 2025
2772 Impressions
5 Retweets
32 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-31207
@TranKha50277352
3 May 2025
28903 Impressions
7 Retweets
139 Likes
19 Bookmarks
14 Replies
5 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0459303-7D14-428D-9C4E-2C743AC9529F",
"versionEndExcluding": "18.5"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF6AAC00-F384-4B0D-BBA9-C2AD278BF653",
"versionEndExcluding": "18.5"
}
],
"operator": "OR"
}
]
}
]