A vulnerability was found in mpedraza2020 Intranet del Monterroso up to 4.50.0. It has been classified as critical. This affects an unknown part of the file config/cargos.php. The manipulation of the argument dni_profe leads to sql injection.

This vulnerability is uniquely identified as CVE-2019-25159. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.