Security Advisory

CVE-2025-69213

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-04 17:42:28

Last updated 2026-02-04 19:32:47

Assigner GitHub_M

State PUBLISHED

Description

OpenSTAManager is an open source management software for technical assistance and invoicing. In version 2.9.8 and prior, a SQL Injection vulnerability exists in the ajax_complete.php endpoint when handling the get_sedi operation. An authenticated attacker can inject malicious SQL code through the idanagrafica parameter, leading to unauthorized database access. At time of publication, no known patch exists.

← Browse all CVEs View on cve.org ↗