Security Advisory

CVE-2025-40677

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-18 11:46:31

Last updated 2025-09-18 13:28:42

Assigner INCIBE

State PUBLISHED

Description

SQL injection vulnerability in Summar Software´s Portal del Empleado. This vulnerability allows an attacker to retrieve, create, update, and delete the database by sending a POST request using the parameter “ctl00$ContentPlaceHolder1$filtroNombre” in “/MemberPages/quienesquien.aspx”.

← Browse all CVEs View on cve.org ↗