PT-2025-24005 · Unknown · Soluçõescoop Isoluçõesweb
Syrtain
·
Published
2025-06-06
·
Updated
2025-06-06
·
CVE-2025-5714
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SoluçõesCoop iSoluçõesWEB up to 20250516
Description
A problematic issue has been identified, affecting the Profile Information Update component, specifically the file /sys/up.upload.php. The manipulation of the
nomeArquivo argument leads to path traversal. This issue can be exploited remotely.Recommendations
Upgrade the affected component to a version later than 20250516. As a temporary workaround, consider restricting access to the /sys/up.upload.php file to minimize the risk of exploitation. Avoid using the
nomeArquivo argument in the affected component until the issue is resolved.Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Soluçõescoop Isoluçõesweb