CVE-2025-10245

Name of the Vulnerable Software and Affected Versions: Display Painéis TGA versions through 7.1.41

Description: A security flaw exists in Display Painéis TGA up to version 7.1.41. The issue is related to path traversal within the /gallery/rename file of the Galeria Page component, resulting from manipulation of the current folder argument. The exploit for this issue has been publicly released. The vendor was notified but did not respond.

Recommendations: Versions prior to 7.1.41 should be updated. As a temporary workaround, restrict access to the /gallery/rename file. Avoid using the current folder argument in the affected file until the issue is resolved.