CNNVD-202509-3012 Information

CNNVD ID

CNNVD-202509-3012

Related CVE

CVE-2025-40678

• CNNVD Published: 2025-09-18

Description (Chinese)

Summar Portal del Empleado是西班牙Summar公司的一个员工门户系统。 Summar Portal del Empleado存在代码问题漏洞，该漏洞源于未限制危险文件类型上传，可能导致通过参数cctl00$ContentPlaceHolder1$fuAdjunto上传恶意文件。

Description (English)

Summar Portal del Empleado is an employee portal system for Summar in Spain. There is a code gap in Summar Portal del Empleado, which stems from the unrestricted uploading of dangerous file types, which may lead to the uploading of malicious documents through the parameter ccttl00 CONTPlaceHolder$1 fuAdjunto.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

向日葵

Published

2025-09-18

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-summar-software-employee-portal