27 matches found
CVE-2025-55341
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
CVE-2025-55343
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
CVE-2025-55343
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...
CVE-2025-55341
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
CVE-2025-55343
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...
CVE-2025-55341
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
CVE-2025-55341
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
PT-2025-45154
Name of the Vulnerable Software and Affected Versions Quipux versions 4.0.1 through e1774ac Description A Cross Site Scripting issue exists in Quipux. The issue is located in the anexos/anexos nuevo.php file, specifically within the asocImgRad parameter. Recommendations Update Quipux to a version...
Ecuador Quipux 安全漏洞
Ecuador Quipux is an electronic document management and process system from Ecuador Ecuador. A security vulnerability exists in Ecuador Quipux versions 4.0.1 through e1774ac, which stems from improper handling of the parameter asocImgRad in the file anexos/anexosnuevo.php, which could lead to a...
CVE-2025-55341
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
EUVD-2025-37925
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
EUVD-2025-37931
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
CVE-2025-55343
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...
Ecuador Quipux 安全漏洞
Ecuador Quipux is an electronic document management and process system from Ecuador Ecuador. A security vulnerability exists in Ecuador Quipux versions 4.0.1 through e1774ac, which stems from unvalidated parameters in multiple files and could lead to an SQL injection attack...
CVE-2025-55343
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...