exploitDog

CVE-2025-40678

Опубликовано: 18 сент. 2025

Источник: nvd

EPSS Низкий

Описание

Unrestricted upload vulnerability for dangerous file types on Summar Software´s Portal del Empleado. This vulnerability allows an attacker to upload a dangerous file type by sending a POST request using the parameter “cctl00$ContentPlaceHolder1$fuAdjunto” in “/MemberPages/ntf_absentismo.aspx”.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-summar-software-employee-portal

EPSS

Процентиль: 24%

0.00081

Низкий

Дефекты

CWE-434

Связанные уязвимости

GHSA-8xh2-xr8x-3g8x

github

5 месяцев назад

Unrestricted upload vulnerability for dangerous file types on Summar Software´s Portal del Empleado. This vulnerability allows an attacker to upload a dangerous file type by sending a POST request using the parameter “cctl00$ContentPlaceHolder1$fuAdjunto” in “/MemberPages/ntf_absentismo.aspx”.

EPSS

Процентиль: 24%

0.00081

Низкий

Дефекты

CWE-434