Security Advisory

CVE-2025-40639

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-09 09:31:10

Last updated 2026-03-09 20:05:09

Assigner INCIBE

State PUBLISHED

Description

A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the promo_send parameter in the /assets/php/calculate_discount.php.

← Browse all CVEs View on cve.org ↗