CVE-2025-41008

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Mar 23, 2026

Vendor unknown

Description

SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/_adm/scripts/modalReport_data.php' endpoint.

References

https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-sinturno