CVE-2025-1196

Summary

CVE-2025-1196 is a recently disclosed vulnerability affecting the Real Estate Property Management System 1.0. The issue lies within an unidentified function in the /search.php file, which can be exploited through manipulation of the PropertyName argument. This vulnerability enables attackers to execute cross-site scripting codes, posing a significant security risk. The exploit is publicly available, increasing the threat level for systems using this outdated software. Additional parameters may also be susceptible to similar attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.