CVE-2025-31207

Published May 12, 2025

Last updated 10 days ago

SourceCodester

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-31207 refers to a vulnerability found in SourceCodester Apartment Visitors Management System 1.0. It involves a SQL injection vulnerability affecting the processing of the `/add-apartment.php` file. Specifically, the `apartmentno` argument can be manipulated to inject SQL code. The attack can be initiated remotely, and the exploit is publicly available. It is possible that other parameters are also affected by this vulnerability. Another vulnerability with the ID CVE-2025-34028 exists in Commvault Command Center, where a path traversal vulnerability allows a remote, unauthenticated attacker to execute arbitrary code. Also, CVE-2025-31201 describes an arbitrary read and write vulnerability in Apple iOS, iPadOS, macOS, and other Apple products that allows an attacker to bypass Pointer Authentication.

Description
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed apps.
Source
product-security@apple.com
NVD status
Awaiting Analysis

Social media

Hype score
Not currently trending

  1. Released a very basic App that uses CVE-2025-31207 (patched in 18.5) to detect if a App is installed on your device or not (requires their exact Bundle ID) https://t.co/kiQEsEKwFi

    @c4ndyf1sh

    20 May 2025

    4282 Impressions

    8 Retweets

    62 Likes

    15 Bookmarks

    1 Reply

    0 Quotes

  2. CVE-2025-31207 A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed apps. https://t.co/mf7hrRtSep

    @CVEnew

    12 May 2025

    436 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Not sure what it is yet, but looking forward to it cvelist/2025/31xxx/CVE-2025-31207.json at master · CVEProject/cvelist https://t.co/hLr8xBW1gU

    @ichitaso

    3 May 2025

    2772 Impressions

    5 Retweets

    32 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-31207

    @TranKha50277352

    3 May 2025

    28903 Impressions

    7 Retweets

    139 Likes

    19 Bookmarks

    14 Replies

    5 Quotes

References

Sources include official advisories and independent security research.