How severe is CVE-2025-2218?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2025-2218?

This is classified as CWE-266, which is a common weakness in software security.

CVE-2025-2218

MEDIUM Year: 2025

CVSS v3 Score

9.8

Critical

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-266

View all →

Vulnerability Description

A vulnerability has been found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This vulnerability affects unknown code of the file /api/system/other of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2022-3458

CRITICAL

CVSS:9.8(Critical)

A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.p...

CWE-2662022

CVE-2022-3735

CRITICAL

CVSS:9.8(Critical)

A vulnerability was found in seccome Ehoney. It has been rated as critical. This issue affects some unknown processing of the file /api/public/signup. The manipulation leads to improper access control...

CWE-2662022

CVE-2022-3771

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipu...

CWE-2662022

CVE-2022-4232

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. Affected is an unknown function. The manipulation of the argument cmd leads to unrestricte...

CWE-2662022

CVE-2022-4272

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by this issue is some unknown functionality of the file /product/savenewproduct.php?flag=1. The manipulation ...

CWE-2662022

CVE-2022-4273

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the file /hrm/controller/employe...

CWE-2662022

CVE-2025-2218

Vulnerability Description

Related Vulnerabilities

CVE-2022-3458

CVE-2022-3735

CVE-2022-3771

CVE-2022-4232

CVE-2022-4272

CVE-2022-4273