Unquoted Search Path or Element

CVE-2025-14018

High

7.3/10

Summary

Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura allows Leveraging/Manipulating Configuration File Search Paths, Redirect Access to Libraries. This issue affects e-Fatura: before 1.2.15.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: LOW

CWE-428 - Unquoted Search Path or Element

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

References

Advisory Timeline

Published Dec 22, 2025

Unquoted Search Path or Element

CVE-2025-14018

Summary

CWE-428 - Unquoted Search Path or Element

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS