2 matches found
CVE-2025-40698 SQL injection vulnerability in Prevengos
SQL injection vulnerability in Prevengos v2.44 by Nedatec Consulting. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a POST request using the parameters “mpsCentroin”, “mpsEmpresa”, “mpsProyecto”, and “mpsContrata” in...
CVE-2025-40698
CVE-2025-40698 concerns Prevengos, a vulnerability in Prevengos v2.44 by Nedatec Consulting. A SQL injection is triggered via a POST to the API endpoint "/servicios/autorizaciones.asmx/mfsRecuperarListado" using the parameters mpsCentroin , mpsEmpresa , mpsProyecto , and mpsContrata . The affecte...