CVE-2025-63298 — HIGH (8.2)

Vulnerability Description

A path traversal vulnerability was identified in SourceCodester Pet Grooming Management System 1.0, affecting the admin/manage_website.php component. An authenticated user with administrative privileges can leverage this flaw by submitting a specially crafted POST request, enabling the deletion of arbitrary files on the web server or underlying operating system.

CVSS Score

8.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Mayurik	Pet Grooming Management Software	1.0

Related Weaknesses (CWE)

CWE-24

References

https://github.com/z3rObyte/CVE-2025-63298ExploitThird Party Advisory
https://www.sourcecodester.com/sites/default/files/download/mayuri_k/petgroomingProduct

FAQ

What is CVE-2025-63298?

CVE-2025-63298 is a vulnerability with a CVSS score of 8.2 (HIGH). A path traversal vulnerability was identified in SourceCodester Pet Grooming Management System 1.0, affecting the admin/manage_website.php component. An authenticated user with administrative privileg...

How severe is CVE-2025-63298?

CVE-2025-63298 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-63298?

Check the references section above for vendor advisories and patch information. Affected products include: Mayurik Pet Grooming Management Software.