CVE-2025-1575 | Harpia DiagSystem 12 atualatendimento_jpeg.php cod/codexame resource injection

Posted by Angelo Barbosa | Feb 22, 2025 | CVE

A vulnerability classified as problematic has been found in Harpia DiagSystem 12. Affected is an unknown function of the file /diagsystem/PACS/atualatendimento_jpeg.php. The manipulation of the argument cod/codexame leads to improper control of resource identifiers.

This vulnerability is traded as CVE-2025-1575. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-1575 | Harpia DiagSystem 12 atualatendimento_jpeg.php cod/codexame resource injection

Related Posts

CVE-2025-22764 | wpwebs Team WP Post Corrector Plugin up to 1.0.2 on WordPress cross site scripting

CVE-2024-3528 | Campcodes Complete Online Student Management System 1.0 units_view.php FirstRecord cross site scripting

CVE-2023-6165 | Restrict Usernames Emails Characters Plugin up to 3.1.3 on WordPress Setting cross site scripting

CVE-2024-49381 | plentico plenti up to 0.7.1 /postLocal injection (GHSL-2024-297)