CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-41073

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories (e.g., ..\..\..), by exploiting the “direstudio” parameter in “/encuestas/integraweb[_v4]/integra/html/view/comprimir.php”.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.2%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-gandia-integra-total-tesi

Products affected by CVE-2025-41073

Tesigandia » Gandia Integra Total » Version: 4.4.2236.1

cpe:2.3:a:tesigandia:gandia_integra_total:4.4.2236.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-41073

Products

Pricing

Contact Us