Lucene search
K

57 matches found

Vulnrichment
Vulnrichment
added 2025/10/23 10:57 a.m.4 views

CVE-2025-41073 Path Traversal in Gandia Integra Total by TESI

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

7.1CVSS6.3AI score0.00343EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/23 10:57 a.m.8 views

CVE-2025-41073 Path Traversal in Gandia Integra Total by TESI

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

7.1CVSS0.00343EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/23 10:57 a.m.7 views

EUVD-2025-35675

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories e.g., ......, by exploiting the “direstudio” parameter in...

7.1CVSS6.2AI score0.00343EPSS
Exploits0References2
CVE
CVE
added 2025/10/23 10:57 a.m.14 views

CVE-2025-41073

CVE-2025-41073 describes a path traversal vulnerability in TESI Gandia Integra Total v4.4.2236.1. An authenticated attacker can exploit the direstudio parameter in /encuestas/integraweb[_v4]/integra/html/view/comprimir.php to download a ZIP file containing server files, including those in parent ...

7.1CVSS6.3AI score0.00343EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-23360

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00327EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-23359

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00583EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-23355

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00577EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-23353

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.00507EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-23358

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00583EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-23357

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00577EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-23354

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00628EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.9 views

Gandia Integra Total 4.4.2236.1 SQL Injection

Gandia Integra Total versions 2.1.2217.3 through 4.4.2236.1 suffer from a remote SQL injection vulnerability...

8.7CVSS8.1AI score0.0107EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.13 views

CVE-2025-41372

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

8.7CVSS7.1AI score0.00577EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.12 views

CVE-2025-41376

CRLF Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via '/index.php/survey/index/sid//token/fwyfw%0d%0aCookie:%20POC'...

5.1CVSS7.2AI score0.00507EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.10 views

CVE-2025-41371

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

9.3CVSS7.1AI score0.00583EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/03 2:13 p.m.9 views

CVE-2025-41373

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

8.7CVSS7AI score0.0107EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/08/03 2:13 p.m.13 views

CVE-2025-41375

SQL Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability allows an attacker to retrieve, create, update and delete database via 'token' parameter in '/index.php' endpoint...

9.3CVSS7.9AI score0.00628EPSS
Exploits0References1
NVD
NVD
added 2025/08/01 1:15 p.m.8 views

CVE-2025-41374

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

8.8CVSS0.00577EPSS
Exploits0References1
NVD
NVD
added 2025/08/01 1:15 p.m.7 views

CVE-2025-41375

SQL Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability allows an attacker to retrieve, create, update and delete database via 'token' parameter in '/index.php' endpoint...

9.8CVSS0.00628EPSS
Exploits0References1
NVD
NVD
added 2025/08/01 1:15 p.m.10 views

CVE-2025-41376

CRLF Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via '/index.php/survey/index/sid//token/fwyfw%0d%0aCookie:%20POC'...

5.3CVSS0.00507EPSS
Exploits0References1
Rows per page
Query Builder