Summar Software Portal del Empleado Unrestricted File Upload Vulnerability
Vulnerability
An unrestricted upload of dangerous file types has been identified in Summar Software's Portal del Empleado, in versions prior to 3.98.0. The flaw is reachable by sending a POST request with the parameter 'cctl00$ContentPlaceHolder1$fuAdjunto' to the '/MemberPages/ntf_absentismo.aspx' page, which allows malicious files to be uploaded.
Impact
Exploiting this vulnerability allows harmful files to be uploaded, which could enable further attacks such as execution of malicious code or denial of service.
Remediation
Users are advised to update to Summar Software Portal del Empleado version 3.98.0.
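For installations that ran a version prior to 3.98.0, one triage step is to list the POST requests the page named above has received. The Python below is an added example, not part of the advisory or the vendor's code; it assumes the portal is served by IIS with W3C logs whose `#Fields:` directive includes `cs-bytes`, and the sample log lines are constructed.

```python
# Path taken from the advisory, lowercased for case-insensitive matching.
ENDPOINT = "/memberpages/ntf_absentismo.aspx"

# Constructed sample in IIS W3C extended format (not real traffic).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status cs-bytes
2025-01-10 09:12:01 10.0.0.15 GET /MemberPages/ntf_absentismo.aspx 200 412
2025-01-10 09:12:40 10.0.0.15 POST /MemberPages/ntf_absentismo.aspx 200 58211
2025-01-10 09:30:02 203.0.113.7 POST /memberpages/NTF_absentismo.aspx 200 1048993
2025-01-10 09:31:10 203.0.113.7 POST /MemberPages/otra.aspx 200 300
2025-01-10 09:45:00 10.0.0.22 POST /MemberPages/ntf_absentismo.aspx 302 950
"""

def parse_w3c(lines):
    """Yield one dict per request, keyed by the names in the #Fields directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # the directive can change mid-file
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields): # skip truncated or malformed rows
                yield dict(zip(fields, values))

def upload_posts(lines):
    """Return POSTs to the affected page, largest request body first."""
    hits = []
    for r in parse_w3c(lines):
        stem = r.get("cs-uri-stem", "").lower()
        if r.get("cs-method") == "POST" and stem == ENDPOINT:
            size = r.get("cs-bytes", "-")  # "-" when the field was not logged
            hits.append({
                "when": f'{r.get("date")} {r.get("time")}',
                "client": r.get("c-ip"),
                "status": r.get("sc-status"),
                "bytes": int(size) if size.isdigit() else 0,
            })
    return sorted(hits, key=lambda h: h["bytes"], reverse=True)

if __name__ == "__main__":
    for hit in upload_posts(SAMPLE_LOG.splitlines()):
        print(hit)
```

IIS logs do not record the uploaded file's name or type, so each hit is a lead for reviewing the files stored around that time, not proof of abuse.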
