CVE-2025-45145
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk49th percentile - higher than 49% of all known CVEs
Summary
A directory traversal vulnerability in Follett Software's Destiny Library Manager version 22_0_2_rc1 (fixed in v.22.5 AU1) allows remote attackers to read arbitrary system and application files via the image parameter.
Risk Assessment
An attacker can access sensitive data such as configuration files, passwords, or user data, leading to a breach of system confidentiality.
Recommendation
Immediately update Destiny Library Manager to version 22.5 AU1 or later, which includes a fix for this vulnerability.
Original NVD description (English source)
Directory traversal in Follett Software's Destiny Library Manager 22_0_2_rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter

