CVE-2025-4282 · HIGH 8.8 · EPSS p18.9%

CVE-2025-4282

Description

A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=save. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.27% probability of exploitation · percentile 18.9% · 2026-06-19T12:03:05Z
Published: 2025-05-05
Last modified: 2025-05-14

Underlying weaknesses · 2

CWE-352, CWE-862

References

  1. https://github.com/th3w0lf-1337/Vulnerabilities/blob/main/SMS-PHP/CSRF/info.md
  2. https://vuldb.com/?ctiid.307390
  3. https://vuldb.com/?id.307390
  4. https://vuldb.com/?submit.563102


Type | Target | Confidence | Tier
Weakness | Cross-Site Request Forgery (CSRF), cwe-352 | 0% | live
Weakness | Missing Authorization, cwe-862 | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2025-4283
CVE-2025-4786
CVE-2025-4787
CVE-2025-4887
CVE-2025-4782
CVE-2025-4806

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.