CVE-2025-41348
EUVD-2025-19797818.11.2025, 12:15
SQL injection vulnerability in WinPlus v24.11.27 by Informática del Este. This vulnerability allows an attacker recover, create, update an delete databases by sendng a POST request using the parameters 'val1' and 'cont in '/WinplusPortal/ws/sWinplus.svc/json/getacumper_post'.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| iest | winplus | 24.11.27 |
𝑥
= Vulnerable software versions