2024-03-22 13:34:14
INCIBE
PUBLISHED
SQL injection vulnerability in the CIGESv2 system, through /ajaxSubServicios.php, in the idServicio parameter. The exploitation of this vulnerability could allow a remote user to retrieve all data stored in the database by sending a specially crafted SQL query.