CVE-2025-10870
SQL injection in DIAL's CentrosNet
SQL injection vulnerability in DIAL's CentrosNet v2.64. Allows an attacker to retrieve, create, update, and delete databases by sending POST and GET requests with the 'ultralogin' parameter in '/centrosnet/ultralogin.php'.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
DIAL · CentrosNet¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →