CVE-2025-63891 – SourceCodester Simple Online Book Store System Database Disclosure

CVE ID : CVE-2025-63891

Published : Nov. 14, 2025, 9:15 p.m. | 1 hour, 45 minutes ago

Description : Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents (including schema and credential hashes) via an unauthenticated HTTP GET request to /obs/database/obs_db.sql.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…