Vulnerability Description
SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’, ‘searchSpecialitiesLinked’, ‘searchUsersToUpdateProfile’, ‘training_action_data’, ‘showContinuingTrainingCourses’ and ‘showUsersToEdit’ in /local/administration/ajax.php.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-2199?
CVE-2025-2199 is a documented vulnerability. SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecti...
How severe is CVE-2025-2199?
CVSS scoring is not yet available for CVE-2025-2199. Check NVD for updates.
Is there a patch for CVE-2025-2199?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.