7 matches found
Bottinelli Informatical Vedo Suite File Upload Vulnerability
Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. A file upload vulnerability exists in Bottinelli Informatical Vedo Suite version 2024.17, which stems from a lack of effective validation of uploaded files by...
Bottinelli Informatical Vedo Suite Cross-Site Scripting Vulnerability
Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. A cross-site scripting vulnerability exists in Bottinelli Informatical Vedo Suite version 2024.17, which originates from uncleared input in /apivedo/, and can...
CVE-2025-51057
The CVE-2025-51057 entry describes a local file inclusion (LFI) in Bottinelli/Vedo Suite 2024.17 via the /api_vedo/video/preview endpoint. The root cause is an unsanitized readfile() call that lets an authenticated attacker read arbitrary filesystem files. Impact is read access to sensitive files...
Bottinelli Informatical Vedo Suite 安全漏洞
Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. A cross-site scripting vulnerability exists in Bottinelli Informatical Vedo Suite version 2024.17, which originates from uncleared input in /apivedo/, and can...
Bottinelli Informatical Vedo Suite 安全漏洞
Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. A security vulnerability exists in Bottinelli Informatical Vedo Suite version 2024.17 that stems from an uncleaned filegetcontents function call that could le...
CVE-2025-51056
An unrestricted file upload vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to write to arbitrary filesystem paths by exploiting the insecure 'uploadPreviews' custom function in '/apivedo/colorwayspreview', ultimately resulting in remote code execution RCE...
Bottinelli Informatical Vedo Suite 安全漏洞
Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. A file upload vulnerability exists in Bottinelli Informatical Vedo Suite version 2024.17, which stems from a lack of effective validation of uploaded files by...