- Description
- A vulnerability was found in withstars Books-Management-System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /allreaders.html of the component Background Interface. The manipulation leads to missing authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
- CNA Tags
- unsupported-when-assigned
CVSS 4.0
- Type
- Secondary
- Base score
- 6.9
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
CVE-2025-3960 Unauthenticated Remote Code Execution in withstars Books-M... https://t.co/Us0fUf0BDa Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd
@VulmonFeeds
27 Apr 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
�� CVE-2025-3960 - Books Management System - HIGH 🚨 🗓️ Date published 2025-04-27 06:15:14 UTC #BooksManagementSystem #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/91f0nABA0F
@vulns_space
27 Apr 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:withstars:books-management-system:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A141FEA2-F903-468D-BF48-99360A0FC0E6"
}
],
"operator": "OR"
}
]
}
]