QSearchQSearch

CVE-2025-14018

7.3 HIGH

Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc

Published: 2025-12-22 · Last updated: 2026-06-04

Severity and scoring

CVSS
7.3 HIGH
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
CWE
CWE-428

Description

Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura allows Leveraging/Manipulating Configuration File Search Paths, Redirect Access to Libraries. This issue affects e-Fatura: before 1.2.15.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2021-47974 VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows ... (7.8 HIGH)
  • CVE-2020-37247 Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalat... (7.8 HIGH)
  • CVE-2020-37232 Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary... (7.8 HIGH)
  • CVE-2020-37231 Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escal... (7.8 HIGH)
  • CVE-2020-37230 Syncplify.me Server (7.8 HIGH)