CNNVD-202508-042 Information

CNNVD ID

CNNVD-202508-042

Related CVE

CVE-2025-41374

• CNNVD Published: 2025-08-01

Description (Chinese)

TESI Gandia Integra Total是西班牙TESI公司的一款基于Web的在线调查和数据分析系统。 TESI Gandia Integra Total 2.1.2217.3至4.4.2236.1版本存在SQL注入漏洞，该漏洞源于文件/encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php中参数idestudio存在SQL注入，可能导致数据库操作。

Description (English)

TESI Gandia Integra Total is a Web-based web-based survey and data analysis system for TESI in Spain. The SQL injection gap in TESI Gandia Integra Total 2.1.2217.3 to 4.4.2236.1 originated from the SQL injection of the parameter idestudio in document/encuestas/integraweb [ v4]/integra/html/view/hislistadoacciones.php, which could lead to the operation of the database.

Hazard Level

Low

Vulnerability Type

SQL注入

Affected Vendor

TESI

Published

2025-08-01

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-gandia-integra-total-tesi

Patch

https://tesigandia.com/