CVE-2025-41007

Description

SQL Injection in Cuantis. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'search' parameter in the '/search.php' endpoint.

References

• https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-cuantis