Vulnerability Description
A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as critical. This vulnerability affects unknown code of the component Listing Handler. The manipulation leads to authorization bypass. The attack can be initiated remotely. Upgrading to version 1.0.2 is able to address this issue. It is recommended to upgrade the affected component.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Summerpearlgroup | Vacation Rental Management Platform | < 1.0.2 |
Related Weaknesses (CWE)
References
- https://github.com/Stolichnayer/Summer-Pearl-Group-IDOR-XSSNot Applicable
- https://summerpearlgroup.gr/spgpm/releasesRelease Notes
- https://vuldb.com/?ctiid.310270Permissions RequiredVDB Entry
- https://vuldb.com/?id.310270Third Party AdvisoryVDB Entry
- https://www.youtube.com/watch?v=0wwuatTa6sUExploit
- https://github.com/Stolichnayer/Summer-Pearl-Group-IDOR-XSSNot Applicable
FAQ
What is CVE-2025-5182?
CVE-2025-5182 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as critical. This vulnerability affects unknown code of the component Listing Handle...
How severe is CVE-2025-5182?
CVE-2025-5182 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-5182?
Check the references section above for vendor advisories and patch information. Affected products include: Summerpearlgroup Vacation Rental Management Platform.