CVE-2025-40712

Publication date

2025-07-08 11:33:40

Family

INCIBE

State

PUBLISHED

Description

SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion parameter in /FacturaE/DescargarFactura.