Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-1ek5-ed8t-87fm

Summary A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element is an unknown function of the file /admin/admin_running.php. Executing a manipulation of the argument product_image can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.

Aliases

alias	CVE-2025-14219

Fixed_packages

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-14219

reference_id

reference_type

scores

value	0.00065
scoring_system	epss
scoring_elements	0.20354
published_at	2026-06-11T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20529
published_at	2026-06-14T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20552
published_at	2026-06-13T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20532
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-14219

reference_url

https://github.com/yyue02/cve/issues/1

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-08T17:01:15Z/

url

https://github.com/yyue02/cve/issues/1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:campcodes:retro_basketball_shoes_online_store::::::::
reference_id	cpe:2.3:a:campcodes:retro_basketball_shoes_online_store::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:campcodes:retro_basketball_shoes_online_store::::::::

reference_url

https://vuldb.com/?ctiid.334661

reference_id

?ctiid.334661

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-08T17:01:15Z/

url

https://vuldb.com/?ctiid.334661

reference_url

https://vuldb.com/?id.334661

reference_id

?id.334661

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-08T17:01:15Z/

url

https://vuldb.com/?id.334661

reference_url

https://vuldb.com/?submit.701209

reference_id

?submit.701209

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-08T17:01:15Z/

url

https://vuldb.com/?submit.701209

reference_url

https://www.campcodes.com/

reference_id

www.campcodes.com

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R

value	5.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-08T17:01:15Z/

url

https://www.campcodes.com/

Weaknesses

cwe_id	284
name	Improper Access Control
description	The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

cwe_id	434
name	Unrestricted Upload of File with Dangerous Type
description	The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

Exploits

Severity_range_score 4.7 - 5.8

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ek5-ed8t-87fm

Vulnerability Instance