CVE-2025-14567 | haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0 /api/employees missing authentication

A vulnerability categorized as problematic has been discovered in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This affects an unknown function of the file /api/employees. Executing manipulation can lead to missing authentication. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is registered as CVE-2025-14567. It is possible to launch the attack remotely. Furthermore, an exploit is available.

This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-14567 | haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0 /api/employees missing authentication

Post correlati

CVE-2024-33670 | Passbolt up to 4.6.1 API cross site scripting

CVE-2024-20067 | MediaTek MT8792 Modem out-of-bounds write (MOLY01267285)

CVE-2024-3667 | Brizy Plugin up to 2.4.43 on WordPress Widget Link to URL cross site scripting

CVE-2025-1836 | Incorta 2023.4.3 Edit Insight Service Name csv injection