Lucene search
K

68 matches found

OSV
OSV
added 2025/10/23 11:15 a.m.4 views

CVE-2025-41073

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

6.5CVSS5.8AI score0.00343EPSS
Exploits0References1
NVD
NVD
added 2025/10/23 11:15 a.m.7 views

CVE-2025-41073

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

7.1CVSS0.00343EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/23 10:57 a.m.7 views

EUVD-2025-35675

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

7.1CVSS6.2AI score0.00343EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/23 10:57 a.m.11 views

CVE-2025-41073 Path Traversal in Gandia Integra Total by TESI

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

7.1CVSS0.00343EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/23 10:57 a.m.5 views

CVE-2025-41073 Path Traversal in Gandia Integra Total by TESI

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

7.1CVSS6.3AI score0.00343EPSS
Exploits0References1
CVE
CVE
added 2025/10/23 10:57 a.m.14 views

CVE-2025-41073

CVE-2025-41073 describes a path traversal vulnerability in TESI Gandia Integra Total v4.4.2236.1. An authenticated attacker can exploit the direstudio parameter in /encuestas/integraweb[_v4]/integra/html/view/comprimir.php to download a ZIP file containing server files, including those in parent ...

7.1CVSS6.3AI score0.00343EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/23 12:0 a.m.7 views

PT-2025-43440

Name of the Vulnerable Software and Affected Versions TESI Gandia Integra Total version 4.4.2236.1 Description An authenticated attacker can download a ZIP file containing files from the server, including those in parent directories. This is possible by exploiting the direstudio parameter in the...

7.1CVSS6.5AI score0.00343EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-23357

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00577EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-23355

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00577EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-23360

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00327EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-23359

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00583EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-23356

Malicious code in bioql PyPI...

8.7CVSS6.4AI score0.0107EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-23354

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00628EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-23358

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00583EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-23353

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.00507EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.10 views

Gandia Integra Total 4.4.2236.1 SQL Injection

Gandia Integra Total versions 2.1.2217.3 through 4.4.2236.1 suffer from a remote SQL injection vulnerability...

8.7CVSS8.1AI score0.0107EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.13 views

CVE-2025-41372

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

8.7CVSS7.1AI score0.00577EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.11 views

CVE-2025-41370

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb/html/view/acceso.php...

9.3CVSS7.2AI score0.00583EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.10 views

CVE-2025-41374

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

8.7CVSS7.1AI score0.00577EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.12 views

CVE-2025-41376

CRLF Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via '/index.php/survey/index/sid//token/fwyfw%0d%0aCookie:%20POC'...

5.1CVSS7.2AI score0.00507EPSS
Exploits0References1
Rows per page
Query Builder