CVE-2025-41073

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

EUVD-2025-35675

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

CVE-2025-41073

CVE-2025-41073 describes a path traversal vulnerability in TESI Gandia Integra Total v4.4.2236.1. An authenticated attacker can exploit the direstudio parameter in /encuestas/integraweb[_v4]/integra/html/view/comprimir.php to download a ZIP file containing server files, including those in parent ...

CVE-2025-41073 Path Traversal in Gandia Integra Total by TESI

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

TESI Gandia Integra Total 路径遍历漏洞

TESI Gandia Integra Total is a Web-based online survey and data analysis system from TESI Spain. A path traversal vulnerability exists in TESI Gandia Integra Total version 4.4.2236.1, which originates from the incorrect manipulation of the parameter direstudio in the file...

PT-2025-43440

Name of the Vulnerable Software and Affected Versions TESI Gandia Integra Total version 4.4.2236.1 Description An authenticated attacker can download a ZIP file containing files from the server, including those in parent directories. This is possible by exploiting the direstudio parameter in the...