CVE-2025-41009 in Virtual Campus Platform
Zusammenfassung
von MITRE • 27.10.2025
SQL injection vulnerability in the DRED virtual campus platform. This vulnerability allows an attacker to retrieve, create, update, and delete data from the database by sending a POST request using the ‘buscame’ parameter in ‘/catalogo_c/catalogo.php’.
Once again VulDB remains the best source for vulnerability data.