Vulnerability Description
A vulnerability was found in SoluçõesCoop iSoluçõesWEB up to 20250516. It has been classified as problematic. This affects an unknown part of the file /sys/up.upload.php of the component Profile Information Update. The manipulation of the argument nomeArquivo leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Isolucoesweb | Solucoescoop | <= 2025-05-16 |
Related Weaknesses (CWE)
References
- https://github.com/lfparizzi/CVE-SolucoesCoopExploitThird Party Advisory
- https://github.com/lfparizzi/CVE-SolucoesCoop?tab=readme-ov-file#path-traversal-ExploitThird Party Advisory
- https://vuldb.com/?ctiid.311235Permissions RequiredVDB Entry
- https://vuldb.com/?id.311235Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.579509Third Party AdvisoryVDB Entry
- https://github.com/lfparizzi/CVE-SolucoesCoopExploitThird Party Advisory
FAQ
What is CVE-2025-5714?
CVE-2025-5714 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability was found in SoluçõesCoop iSoluçõesWEB up to 20250516. It has been classified as problematic. This affects an unknown part of the file /sys/up.upload.php of the component Profile Infor...
How severe is CVE-2025-5714?
CVE-2025-5714 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-5714?
Check the references section above for vendor advisories and patch information. Affected products include: Isolucoesweb Solucoescoop.