CNNVD-202508-044 Information
Aug 01, 2025
cve
CNNVD ID
CNNVD-202508-044
Related CVE
- CNNVD Published: 2025-08-01
Description (Chinese)
TESI Gandia Integra Total是西班牙TESI公司的一款基于Web的在线调查和数据分析系统。 TESI Gandia Integra Total 2.1.2217.3至4.4.2236.1版本存在SQL注入漏洞,该漏洞源于文件consultaincimails.php中参数idestudio存在SQL注入,可能导致数据库操作。
Description (English)
TESI Gandia Integra Total is a Web-based web-based survey and data analysis system for TESI in Spain. TESI Gandia Integra Total 2.1.2217.3 to 4.4.2236.1 has an injection loophole in SQL, which stems from the presence of SQL injections of the parameter idestudio in document Consultaincimails.php, which may lead to database operations.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
TESI
Published
2025-08-01
Last Modified
2026-02-24
References
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-limesurvey https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-gandia-integra-total-tesi