CNNVD-202508-045 Information

CNNVD ID

CNNVD-202508-045

Related CVE

CVE-2025-41376

• CNNVD Published: 2025-08-01

Description (Chinese)

TESI Gandia Integra Total是西班牙TESI公司的一款基于Web的在线调查和数据分析系统。 TESI Gandia Integra Total 2.1.2217.3至4.4.2236.1版本存在注入漏洞，该漏洞源于文件/encuestas/integraweb[_v4]/integra/html/view/consultacuotasred.php中参数idestudio存在SQL注入，可能导致数据库操作。

Description (English)

TESI Gandia Integra Total is a Web-based web-based survey and data analysis system for TESI in Spain. There is an injection loophole in TESI Gandia Integra Total 2.1.2217.3 to 4.4.2236.1, which originates from the SQL injection of the parameter idestudio in document/encuestas/integraweb[ v4]/integra/html/view/consultacuotasred.php, which may lead to the operation of the database.

Hazard Level

Medium

Vulnerability Type

注入

Affected Vendor

TESI

Published

2025-08-01

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-limesurvey https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-gandia-integra-total-tesi

Patch

https://tesigandia.com/