
CVE-2025-4472: code-projects Departmental Store Management System bill stack-based overflow

4.8 CVSS

Description

A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Classification

CVE ID: CVE-2025-4472

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.8

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Problem Types

Stack-based Buffer Overflow
Memory Corruption

Affected Products

Vendor: code-projects

Product: Departmental Store Management System

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 2.19% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-06-07 (date this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-4472
https://vuldb.com/?id.308094
https://vuldb.com/?ctiid.308094
https://vuldb.com/?submit.566516
https://github.com/zzzxc643/cve/blob/main/Department_Store_Management_System.md
https://code-projects.org/
