SQL Injection Vulnerability in Gandia Integra Total by TESI
CVE-2025-41376
8.7HIGH
What is CVE-2025-41376?
A SQL injection vulnerability exists in Gandia Integra Total developed by TESI, affecting versions from 2.1.2217.3 to v4.4.2236.1. Exploiting this vulnerability allows authenticated attackers to manipulate the database through the 'idestudio' parameter in the specified PHP file, enabling unauthorized retrieval, creation, updating, and deletion of sensitive data.
Affected Version(s)
Gandia Integra Total 2.1.2217.3 < 4.4.2236.1