VYPR
Critical severityNVD Advisory· Published Oct 27, 2025· Updated Apr 15, 2026

CVE-2025-41009

CVE-2025-41009

Description

SQL injection vulnerability in the DRED virtual campus platform. This vulnerability allows an attacker to retrieve, create, update, and delete data from the database by sending a POST request using the ‘buscame’ parameter in ‘/catalogo_c/catalogo.php’.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2025-41009 · Critical · VYPR