Vulnerability Details CVE-2025-40639
A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promo_send' parameter in the '/assets/php/calculate_discount.php'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.8%
CVSS Severity
CVSS v3 Score 9.8