EUVD-2025-23357

ID: EUVD-2025-23357

Severity: high

CVSS v4: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)

CVSS v3: Not provided

CWE: None listed

Source: ENISA

Description

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/informe_campo_entrevistas.php.

Timestamps

Normalized: 2025-12-31T11:32:18Z UTC
Last updated: 2025-12-31T11:30:04Z UTC

References

No references provided.

VulnAI

EUVD-2025-23357

Description

Timestamps

References