exploitDog

CVE-2025-14531

Опубликовано: 11 дек. 2025

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could be used.

Ссылки

https://code-projects.org/
Product
https://github.com/asd1238525/cve/blob/main/CRLF.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.335872
Permissions Required
VDB Entry
https://vuldb.com/?id.335872
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.703239
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:carmelo:rental_management_system:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00046

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-wf84-cw86-vjx4

CVSS3: 4.3

github

около 2 месяцев назад

A vulnerability was found in code-projects Rental Management System 2.0. This affects an unknown function of the file Transaction.java of the component Log Handler. Performing manipulation results in crlf injection. The attack can be initiated remotely. The exploit has been made public and could be used.

EPSS

Процентиль: 14%

0.00046

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-74