CVE-2025-41008

CVSS v4.0

9.3

Critical

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/ adm/scripts/modalReport data.php' endpoint.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2025-41008

Affected Products

Sinturno

CVE-2025-41008

Weakness Enumeration

Related Identifiers

Affected Products

References · 2