SQL Injection in Sinturno
CVE-2025-41008
SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the '/_adm/scripts/modalReport_data.php' endpoint.
Vulnerability class: SQL Injection
EPSS: 0.000 (14.3th percentile) — read the EPSS interpretation.
Affected products
- Sinturno — versions all versions