CVE-2025-40985 in Vision Webالمعلومات

الملخص

بحسب MITRE • 16/07/2025

SQL injection vulnerability in SCATI Vision Web of SCATI Labs from version 4.8 to 7.2. This vulnerability allows an attacker to exfiltrate some data from the database via the ‘login’ parameter in the endpoint ‘/scatevision_web/index.php/loginForm’.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

مسؤول

INCIBE

حجز

16/04/2025

إفشاء

16/07/2025

الاعتدال

تمت الموافقة

إدخال

VDB-316555

EPSS

0.00328

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!