CVE-2025-51056 | Bottinelli Informatical Vedo Suite 2024.17 colorways_preview uploadPreviews unrestricted upload

Inserito da Angelo Barbosa | Ago 6, 2025 | CVE

A vulnerability was found in Bottinelli Informatical Vedo Suite 2024.17. It has been classified as critical. This affects the function uploadPreviews of the file /api_vedo/colorways_preview. The manipulation leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2025-51056. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-51056 | Bottinelli Informatical Vedo Suite 2024.17 colorways_preview uploadPreviews unrestricted upload

Post correlati

CVE-2024-6336 | GitHub Enterprise Server up to 3.9.16/3.10.13/3.11.11/3.12.5/3.13.0 Organization Member information disclosure

CVE-2025-21394 | Microsoft

CVE-2025-0065 | TeamViewer Remote Full Client/Remote Host on Windows TeamViewer_service.exe argument injection

CVE-2024-25979 | Moodle prior 4.3.3/4.1.9 Forum Search parameters