EUVD-2025-23355

ID: EUVD-2025-23355

Severity: high

CVSS v4: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)

CVSS v3: Not provided

CWE: None listed

Source: ENISA

Description

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php.

Timestamps

Normalized: 2025-12-31T11:32:19Z UTC
Last updated: 2025-12-31T11:30:05Z UTC

References

No references provided.

VulnAI

EUVD-2025-23355

Description

Timestamps

References