CVE-2025-40654 Information

Description

A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve create update and delete databases through the name and cod parameters in /antbuspre.asp.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-dm-corporative-cms-dmacroweb