CVE-2025-41028 | Grupo Castilla Epsilon RH 3.03.36.010 POST Request WSAvisos.asmx sEstadoUsr sql injection

Inserito da Angelo Barbosa | Ott 20, 2025 | CVE

A vulnerability identified as critical has been detected in Grupo Castilla Epsilon RH 3.03.36.010. Impacted is an unknown function of the file /epsilonnetws/WSAvisos.asmx of the component POST Request Handler. Performing manipulation of the argument sEstadoUsr results in sql injection.

This vulnerability is reported as CVE-2025-41028. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-41028 | Grupo Castilla Epsilon RH 3.03.36.010 POST Request WSAvisos.asmx sEstadoUsr sql injection

Post correlati

CVE-2024-13367 | Sandbox Plugin up to 0.4 on WordPress authorization

CVE-2024-10922 | chaser324 Featured Posts Scroll Plugin up to 1.25 on WordPress Setting cross-site request forgery

CVE-2024-48941 | Syracom Secure Login Plugin up to 3.1.4.5 on Jira /rest access control

CVE-2023-32460 | Dell PowerEdge Platform prior 2.20.1 BIOS missing authentication (dsa-2023-361)