CVE-2025-41370 Information

Aug 02, 2025 cve

Description

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve create update and delete databases through the ‘idestudio’ parameter in /encuestas/integraweb/html/view/acceso.php.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-gandia-integra-total-tesi

CNNVD-202508-041 (Published: 2025-08-01)

Share on:

CVE-2025-41370 Information

Description

Reference

Related CNNVD