exploitDog

CVE-2025-41028

Опубликовано: 20 окт. 2025

Источник: nvd

EPSS Низкий

Описание

A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-epsilon-rh

EPSS

Процентиль: 14%

0.00045

Низкий

Дефекты

CWE-89

Связанные уязвимости

GHSA-9c6x-55mp-cvpv

github

4 месяца назад

A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’.

EPSS

Процентиль: 14%

0.00045

Низкий

Дефекты

CWE-89