Vulnerabilities

CVE-2025-41373

by Fred · 01/08/2025

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the ‘idestudio’ parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php.

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-gandia-integra-total-tesi

Similar

Tags: Cybersecurity Alert