Unrated severityNVD Advisory· Published Aug 1, 2025· Updated Aug 1, 2025

SQL injection vulnerability in Gandia Integra Total

CVE-2025-41370

Description

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb/html/view/acceso.php.

Affected products

Tesi/Gandia Integra Totalv5
Range: 2.1.2217.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-gandia-integra-total-tesimitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000