PT-2026-54961 · Unicamp · Unicamp

Published

2026-07-02

·

Updated

2026-07-04

·

CVE-2025-69094

CVSS v3.1

8.5

High

VectorAV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Name of the Vulnerable Software and Affected Versions Unicamp versions prior to 2.2.3
Description A SQL Injection issue exists where users with subscriber-level access can extract sensitive data. This occurs due to improper handling of input in the subscriber module, allowing an attacker to execute arbitrary SQL commands on the backend database.
Recommendations Update to a version newer than 2.2.2.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2025-69094

Affected Products

Unicamp