CVE-2025-6329
BaseFortify
Publication date: 2025-06-20
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| scriptandtools | real_estate_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-639 | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6329 is an Insecure Direct Object Reference (IDOR) vulnerability in the ScriptAndTools Real Estate Management System version 1.0, specifically in the userdelete.php file. This vulnerability allows an attacker to manipulate the 'id' parameter in the URL to delete any user account, including administrator accounts, without proper authorization or authentication checks. Essentially, the application does not verify if the requester has permission to delete the specified user, enabling unauthorized user deletions remotely. [1, 3]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized deletion of user accounts, loss of administrator access, operational disruption, potential data loss, and damage to the organization's reputation. Attackers can remotely delete arbitrary user accounts without authentication, which can lead to denial of service, privilege escalation, and compromise of system integrity and availability. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for unauthorized access attempts to the userdelete.php endpoint with manipulated 'id' parameters. One way to detect it is by monitoring web server logs for requests to URLs like /admin/userdelete.php?id= followed by different user IDs. Additionally, Google hacking can be used to identify vulnerable targets by searching for 'inurl:userdelete.php'. A simple command to check for such requests in logs could be: grep 'userdelete.php?id=' /var/log/apache2/access.log. Also, manual testing by attempting to access the URL with different user IDs without authentication can confirm the vulnerability. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the userdelete.php endpoint by implementing proper authorization checks to ensure only authorized users can delete accounts. If possible, disable or remove the vulnerable userdelete.php component until a secure patch or update is available. Network-level controls such as IP whitelisting or firewall rules to limit access to the admin area can also help reduce exposure. Since no known countermeasures or patches are reported, replacing the affected component with a secure alternative is recommended. [2, 3]