CVE-2025-3975

A vulnerability was found in ScriptAndTools eCommerce-website-in-PHP 3.0 and classified as problematic. This issue affects some unknown processing of the file /admin/subscriber-csv.php. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS

No CVSS.

References

Link	Resource
https://vuldb.com/?ctiid.306311	Permissions Required VDB Entry
https://vuldb.com/?id.306311	Third Party Advisory VDB Entry
https://vuldb.com/?submit.557414	Third Party Advisory VDB Entry
https://www.websecurityinsights.my.id/2025/04/script-and-tools-ecommerce-30_53.html	Exploit Third Party Advisory
https://www.websecurityinsights.my.id/2025/04/script-and-tools-ecommerce-30_53.html	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:scriptandtools:ecommerce-website-in-php:3.0:*:*:*:*:*:*:*

History

12 May 2025, 19:07

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
References	~~() https://vuldb.com/?id.306311 -~~	() https://vuldb.com/?id.306311 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/?submit.557414 -~~	() https://vuldb.com/?submit.557414 - Third Party Advisory, VDB Entry
References	~~() https://www.websecurityinsights.my.id/2025/04/script-and-tools-ecommerce-30_53.html -~~	() https://www.websecurityinsights.my.id/2025/04/script-and-tools-ecommerce-30_53.html - Exploit, Third Party Advisory
References	~~() https://vuldb.com/?ctiid.306311 -~~	() https://vuldb.com/?ctiid.306311 - Permissions Required, VDB Entry
CPE		cpe:2.3:a:scriptandtools:ecommerce-website-in-php:3.0:::::::*
First Time		Scriptandtools Scriptandtools ecommerce-website-in-php

28 Apr 2025, 15:15

Type	Values Removed	Values Added
CWE	CWE-284 CWE-200
CVSS	v2 : ~~unknown~~ v3 : ~~5.3~~	v2 : unknown v3 : unknown

27 Apr 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-27 16:15

Updated : 2025-05-12 19:07

NVD link : CVE-2025-3975

Mitre link : CVE-2025-3975

JSON object : View

Products Affected

scriptandtools

ecommerce-website-in-php

CWE

NVD-CWE-noinfo

JSON object

Attach tags to CVE-2025-3975

Attach tags to `CVE-2025-3975`