8 matches found
CVE-2025-12461
CVE-2025-12461 affects Grupo Castilla Epsilon RH. The issue allows an attacker to access the unprotected path …/epsilonnet/License/About.aspx and disclose license details and product configuration, including installed modules. The root cause is lack of access control on that path. Impact is infor...
CVE-2025-12461 Unprotected access to parts of the application in Epsilon RH by Grupo Castilla
This vulnerability allows an attacker to access parts of the application that are not protected by any type of access control. The attacker could access this path ‘…/epsilonnet/License/About.aspx’ and obtain information on both the licence and the configuration of the product by knowing which...
CVE-2025-12461 Unprotected access to parts of the application in Epsilon RH by Grupo Castilla
This vulnerability allows an attacker to access parts of the application that are not protected by any type of access control. The attacker could access this path ‘…/epsilonnet/License/About.aspx’ and obtain information on both the licence and the configuration of the product by knowing which...
CVE-2025-41028
A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’...
CVE-2025-41028
A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’...
CVE-2025-41028 SQL injection in Epsilon RH
A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’...
CVE-2025-41028
CVE-2025-41028 affects the Epsilon RH software from Grupo Castilla. The vulnerability is a SQL Injection that allows an attacker to retrieve, create, update, and delete data by sending a POST request that uses the parameter sEstadoUsr in the endpoint /epsilonnetws/WSAvisos.asmx . This is document...
Grupo Castilla Epsilon RH 安全漏洞
Grupo Castilla Epsilon RH is a human resource management software from the Spanish company Grupo Castilla. A security vulnerability exists in Grupo Castilla Epsilon RH, which stems from incorrect manipulation of the parameter sEstadoUsr in the file /epsilonnetws/WSAvisos.asmx, which could lead to...