CVE-2025-41348 | Informática del Este WinPlus 24.11.27 POST Request getacumper_post val1/cont sql injection

A vulnerability was found in Informática del Este WinPlus 24.11.27 and classified as critical. Affected by this issue is some unknown functionality of the file /WinplusPortal/ws/sWinplus.svc/json/getacumper_post of the component POST Request Handler. The manipulation of the argument val1/cont results in sql injection.

This vulnerability is cataloged as CVE-2025-41348. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More