CNNVD-202508-361 Information
Aug 05, 2025
cve
CNNVD ID
CNNVD-202508-361
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
Agenzia Impresa EccoBook是意大利Agenzia Impresa公司的一款账本软件。 Agenzia Impresa Eccobook v2.81.1及之前版本存在安全漏洞,该漏洞源于PdfHandler组件存在不安全的直接对象引用,可能导致读取机密文档。
Description (English)
Agenzia Impressa EcoBook is a booking software for the Italian company Agenzia Impressa. There is a security loophole in Agenzia Impresa Ecobook v2.81 and earlier versions, which stems from the presence of unsafe direct object references for the Pdfhandler component, which may lead to access to confidential documents.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Agenzia Impresa
Published
2025-08-05
Last Modified
2026-02-24
References
https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2025-51628%20%7C%20Eccobook.md http://agenzia.com http://eccobook.com https://access.redhat.com/security/cve/cve-2025-51628
Share on: