A vulnerability was determined in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /setting/bill_setup.php. Executing manipulation of the argument txtBillType can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
History

Tue, 02 Sep 2025 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Admerc
Admerc apartment Management System
CPEs cpe:2.3:a:admerc:apartment_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Admerc
Admerc apartment Management System

Fri, 29 Aug 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 29 Aug 2025 13:00:00 +0000

Type Values Removed Values Added
Description A vulnerability was determined in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /setting/bill_setup.php. Executing manipulation of the argument txtBillType can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
Title itsourcecode Apartment Management System bill_setup.php sql injection
Weaknesses CWE-74
CWE-89
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-08-29T13:42:59.589Z

Reserved: 2025-08-29T05:59:07.928Z

Link: CVE-2025-9644

cve-icon Vulnrichment

Updated: 2025-08-29T13:42:52.241Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-29T13:15:39.000

Modified: 2025-09-02T13:30:58.810

Link: CVE-2025-9644

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.