CVE-2025-0202
MEDIUMTCS BaNCS 10 - File Inclusion via /REPORTS/REPORTS_SHOW_FILE.jsp FilePath Parameter
Title source: llmDescription
A vulnerability was found in TCS BaNCS 10. It has been classified as problematic. This affects an unknown part of the file /REPORTS/REPORTS_SHOW_FILE.jsp. The manipulation of the argument FilePath leads to file inclusion. The real existence of this vulnerability is still doubted at the moment.
References (3)
Core 3
Core References
Permissions Required, VDB Entry vdb-entry
technical-description
https://vuldb.com/?id.290139
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.290139
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.469455
Scores
CVSS v3
5.5
EPSS
0.0030
EPSS Percentile
21.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-73
Status
published
Products (1)
TCS/BaNCS
10
Published
Jan 04, 2025
Tracked Since
Feb 18, 2026