CNNVD-202510-3573 Information

Oct 27, 2025 cve

CNNVD ID

CNNVD-202510-3573

CVE-2025-41009

CNNVD Published: 2025-10-27

Description (Chinese)

Diseño de Recursos Educativos Virtual Campus Platform是西班牙Diseño de Recursos Educativos公司的一个虚拟课堂平台。 Diseño de Recursos Educativos Virtual Campus Platform存在SQL注入漏洞，该漏洞源于对文件/catalogo_c/catalogo.php中参数buscame的错误操作，可能导致SQL注入攻击。

Description (English)

Diseño de Recursos Educativos Virgin Campus Platform is a virtual classroom platform of the Spanish company Diseño de Recursos Educativos. Diseño de Recursos Educativos Virtual Campus Platform has an injection loophole in SQL, which is the result of an error in the use of the parameter Buscame in the document/catalogo c/catalogo.php, which could lead to an attack on SQL.

Hazard Level

Low

Vulnerability Type

SQL注入

Affected Vendor

Diseño de Recursos Educativos

Published

2025-10-27

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-virtual-campus-platform-diseno-de-recursos-educativos

Patch

https://dred.es/

Share on: