CVE Catalog

CVE-2025-45145

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.72%

49th percentile - higher than 49% of all known CVEs

Summary

A directory traversal vulnerability in Follett Software's Destiny Library Manager version 22_0_2_rc1 (fixed in v.22.5 AU1) allows remote attackers to read arbitrary system and application files via the image parameter.

Risk Assessment

An attacker can access sensitive data such as configuration files, passwords, or user data, leading to a breach of system confidentiality.

Recommendation

Immediately update Destiny Library Manager to version 22.5 AU1 or later, which includes a fix for this vulnerability.

Original NVD description (English source)

Directory traversal in Follett Software's Destiny Library Manager 22_0_2_rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter

Vulnerability data from NVD (NIST) · CISA KEV · EPSS