CVE-2025-41031 | T-INNOVA Deporsite prior 02.14.1115 POST Request uploadImage IdPersona/Foto authorization

Inserito da Angelo Barbosa | Set 2, 2025 | CVE

A vulnerability marked as problematic has been reported in T-INNOVA Deporsite. Impacted is an unknown function of the file /ajax/TInnova_c/FotoUsuario/llamadaAjax/uploadImage of the component POST Request Handler. The manipulation of the argument IdPersona/Foto leads to incorrect authorization.

This vulnerability is documented as CVE-2025-41031. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.

CVE-2025-41031 | T-INNOVA Deporsite prior 02.14.1115 POST Request uploadImage IdPersona/Foto authorization

Post correlati

CVE-2024-39815 | Vonets VGA-1000 up to 3.3.23.6.9 unknown vulnerability (icsa-24-214-08)

CVE-2024-25291 | Deskfiler 1.2.3 Plugin unrestricted upload

CVE-2024-47325 | Themeisle Multiple Page Generator Plugin up to 3.4.7 on WordPress sql injection

CVE-2024-13279 | Drupal Two-factor Authentication up to 1.7.x session fixiation