Vulnerabilities

CVE-2025-40985

by Fred · 16/07/2025

SQL injection vulnerability in SCATI Vision Web of SCATI Labs from version 4.8 to 7.2. This vulnerability allows an attacker to exfiltrate some data from the database via the ‘login’ parameter in the endpoint ‘/scatevision_web/index.php/loginForm’.

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-scati-vision-web

Similar

Tags: Cybersecurity Alert