Security Advisory

CVE-2025-40728

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-16 08:29:07

Last updated 2025-06-16 16:11:11

Assigner INCIBE

State PUBLISHED

Description

SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customer_support/manage_user.php endpoint.

← Browse all CVEs View on cve.org ↗