CVE Details
Basic Information
| Title | SoluçõesCoop iSoluçõesWEB Profile Information Update up.upload.php path traversal |
|---|---|
| Type | cve |
| Published | 2025-06-06T03:00:17.750Z |
| Last Seen |
Product Information
| Vendor | SoluçõesCoop |
|---|---|
| Product | iSoluçõesWEB |
| Version | 20250516 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A path traversal vulnerability in the Profile Information Update component of SoluçõesCoop iSoluçõesWEB allows attackers to manipulate the ‘nomeArquivo’ argument, potentially accessing unauthorized files. The vulnerability can be exploited remotely, and a public exploit is available. Users are advised to upgrade the affected component. |
|---|---|
| AI Severity | Medium |
| Vendor | SoluçõesCoop |
| Product | iSoluçõesWEB |
| Affected Version | up to 20250516 |
Affected Products
- SoluçõesCoop iSoluçõesWEB 20250516
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-22 |
| Bulletin Family |
References
Description
A vulnerability was found in SoluçõesCoop iSoluçõesWEB up to 20250516. It has been classified as problematic. This affects an unknown part of the file /sys/up.upload.php of the component Profile Information Update. The manipulation of the argument nomeArquivo leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.