CNNVD-202510-3266 Information

CNNVD ID

CNNVD-202510-3266

Related CVE

CVE-2025-41073

• CNNVD Published: 2025-10-23

Description (Chinese)

TESI Gandia Integra Total是西班牙TESI公司的一款基于Web的在线调查和数据分析系统。 TESI Gandia Integra Total 4.4.2236.1版本存在路径遍历漏洞，该漏洞源于对文件/encuestas/integraweb[_v4]/integra/html/view/comprimir.php中参数direstudio的错误操作，可能导致路径遍历攻击。

Description (English)

TESI Gandia Integra Total is a Web-based web-based survey and data analysis system for TESI in Spain. Version 4.2.2236.1 of TESI Gandia Integra Total has a path-wide loophole, which stems from a mishandling of the parameters direstudio in the file/encuestas/integraweb[ v4]/integra/html/view/comprimir.php, which may lead to a path-wide attack.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

TESI

Published

2025-10-23

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-gandia-integra-total-tesi

Patch

https://tesigandia.com/