CVE-2025-40655 Information

Description

A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve create update and delete databases through the name parameter in /antcatalogue.asp.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-dm-corporative-cms-dmacroweb