CVE-2025-40985
SQL Injection in SCATI Vision Web
SQL injection vulnerability in SCATI Vision Web of SCATI Labs from version 4.8 to 7.2. This vulnerability allows an attacker to exfiltrate some data from the database via the ‘login’ parameter in the endpoint ‘/scatevision_web/index.php/loginForm’.
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
Productos afectados
SCATI · SCATI Vision Web¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →