CVE-2025-41002

UNKNOWN 0.0

SQL injection in Infoticketing

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

SQL injection vulnerability in Infoticketing. This vulnerability allows an unauthenticated attacker to retrieve, create, update, and delete the database by sending a POST request using the 'code' parameter in '/components/cart/cartApplyDiscount.php'.

CWE	CWE-89
Vendor	manantial de ideas
Product	infoticketing
Published	Feb 23, 2026
Last Updated	Feb 24, 2026

Stay Ahead of the Next One

Get instant alerts for manantial de ideas infoticketing

Be the first to know when new unknown vulnerabilities affecting manantial de ideas infoticketing are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

MANANTIAL DE IDEAS / Infoticketing

all versions

References

NVD ↗ CVE.org ↗ EPSS Data ↗

incibe.es: https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-infoticketing

Credits

Gonzalo Aguilar García (6h4ack)