CVE-2025-40628 Information

Description

SQL injection vulnerability in DomainsPRO 1.2. This vulnerability could allow an attacker to retrieve create update and delete databases via the “d” parameter in the “/article.php” endpoint.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-domainspro