CVE-2025-51628

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Agenzia Impresa Eccobook versions prior to 2.81.2

Description An Insecure Direct Object Reference (IDOR) vulnerability exists in the PdfHandler component. This allows unauthenticated attackers to read confidential documents. The vulnerability is triggered through the DocumentoId parameter.

Recommendations Update Agenzia Impresa Eccobook to a version prior to 2.81.2.

Exploit

Fix

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639

Related Identifiers

CVE-2025-51628

Affected Products

Agenzia Impresa Eccobook

CVE-2025-51628

Weakness Enumeration

Related Identifiers

Affected Products

References · 6