CVE-2025-51628 Information

Aug 06, 2025 cve

Description

Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter.

Reference

http://agenzia.com http://eccobook.com https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2025-51628%20%7C%20Eccobook.md https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2025-51628%20%7C%20Eccobook.md

CNNVD-202508-361 (Published: 2025-08-05)

Share on:

CVE-2025-51628 Information

Description

Reference

Related CNNVD