A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP Response Header Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. Upgrading to version 1.0.2 is able to address this issue. It is recommended to upgrade the affected component.
References
Link | Resource |
---|---|
https://summerpearlgroup.gr/spgpm/releases | Release Notes |
https://vuldb.com/?ctiid.310272 | Permissions Required VDB Entry |
https://vuldb.com/?id.310272 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
03 Jun 2025, 15:46
Type | Values Removed | Values Added |
---|---|---|
First Time |
Summerpearlgroup
Summerpearlgroup vacation Rental Management Platform |
|
References | () https://summerpearlgroup.gr/spgpm/releases - Release Notes | |
References | () https://vuldb.com/?ctiid.310272 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.310272 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:summerpearlgroup:vacation_rental_management_platform:*:*:*:*:*:*:*:* | |
CWE | NVD-CWE-noinfo |
28 May 2025, 15:01
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
26 May 2025, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-26 12:15
Updated : 2025-06-03 15:46
NVD link : CVE-2025-5184
Mitre link : CVE-2025-5184
CVE.ORG link : CVE-2025-5184
JSON object : View
Products Affected
summerpearlgroup
- vacation_rental_management_platform
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-284Improper Access Control
NVD-CWE-noinfo