EUVD-2025-31328

ID: EUVD-2025-31328

Severity: high

CVSS v4: 8.6 (CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)

CVSS v3: Not provided

CWE: None listed

Source: ENISA

Description

Unrestricted file upload vulnerability in DocAve 6.13.2, Perimeter 1.12.3, Compliance Guardian 4.7.1, and earlier versions, allowing administrator users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files that compromise the system. In addition, it is vulnerable to Path Traversal, which allows files to be written to arbitrary directories within the web root.

Timestamps

Normalized: 2025-12-31T11:32:22Z UTC
Last updated: 2025-12-31T11:30:19Z UTC

References

No references provided.

VulnAI

EUVD-2025-31328

Description

Timestamps

References