27 matches found
CVE-2025-55341
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
CVE-2025-55343
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
CVE-2025-55341
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
CVE-2025-55341
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
CVE-2025-55343
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...
CVE-2025-55343
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
EUVD-2025-37924
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...
PT-2025-45156
Name of the Vulnerable Software and Affected Versions Quipux versions 4.0.1 through e1774ac Description Quipux versions 4.0.1 through e1774ac are susceptible to SQL injection attacks. Authenticated users can exploit this issue through multiple PHP scripts and parameters. Specifically, the followi...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
CVE-2025-55342
Quipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users via the Administracion/usuarios/cambiarpasswordolvidovalidar.php txtlogin parameter...
CVE-2025-55341
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
PT-2025-45155
Name of the Vulnerable Software and Affected Versions Quipux versions 4.0.1 through e1774ac Description The software allows for the enumeration of usernames and access to the Ecuadorean identification number for all registered users. This is achieved by manipulating the txt login parameter within...
Ecuador Quipux 安全漏洞
Ecuador Quipux is an electronic document management and process system from Ecuador Ecuador. A security vulnerability exists in Ecuador Quipux versions 4.0.1 through e1774ac, which stems from improper handling of the txtlogin parameter and could lead to username enumeration and access to the...
CVE-2025-55343
Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqueda/busqueda.php txtdepecodi, busqueda/busqueda.php txtusuacodi, anexoslista.php raditemp, Administracion/listas/formAreaajax.php codDepe, Administracion/listas/formDepeHijoajax.php codDepe,...
CVE-2025-55343
Quipux CVE-2025-55343 affects Quipux 4.0.1 through e1774ac. Multiple authenticated endpoints are exploitable for SQL injection (for example busqueda/busqueda.php, anexos_lista.php, Administracion/listas/.ajax.php, asociar_documentos/ .php, radicacion/.php, reportes/ .php, tx/.php, uploadFiles/ .p...
EUVD-2025-37925
Cross Site Scripting vulnerability in Quipux 4.0.1 through e1774ac allows anexos/anexosnuevo.php asocImgRad...
Ecuador Quipux 安全漏洞
Ecuador Quipux is an electronic document management and process system from Ecuador Ecuador. A security vulnerability exists in Ecuador Quipux versions 4.0.1 through e1774ac, which stems from unvalidated parameters in multiple files and could lead to an SQL injection attack...