CVE-2025-41008

Vulnerability Description

SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/_adm/scripts/modalReport_data.php' endpoint.

Vulnerability Details

Published Date

March 23, 2026

Last Modified

March 23, 2026

CWE ID

CWE-89

Source

NVD

Vendor

Sinturno

Product

Sinturno

External References

https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-sinturno

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment