Vulnerability Description
julmud/phpDVDProfiler is an adoption of the defunct phpDVDProfiler project, which allows users to display on the web their DVD collections maintained with Invelos's DVDProfiler software. Starting in v_20230807 and prior to v_20250511, the search function is affected by cross-site scripting. v_20250511 contains a patch for the issue.
References
- https://github.com/julmud/phpDVDProfiler/commit/c97e4b577969d5f6ca8171333b362fcd
- https://github.com/julmud/phpDVDProfiler/releases/tag/v_20250511
- https://github.com/julmud/phpDVDProfiler/security/advisories/GHSA-x3rx-6c2m-6vg9
- https://www.openbugbounty.org/reports/3456782
- https://www.openbugbounty.org/reports/3512265
FAQ
What is CVE-2025-46729?
CVE-2025-46729 is a documented vulnerability. julmud/phpDVDProfiler is an adoption of the defunct phpDVDProfiler project, which allows users to display on the web their DVD collections maintained with Invelos's DVDProfiler software. Starting in v...
How severe is CVE-2025-46729?
CVSS scoring is not yet available for CVE-2025-46729. Check NVD for updates.
Is there a patch for CVE-2025-46729?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.