CNNVD-202510-2632 Information

Oct 20, 2025 cve

CNNVD ID

CNNVD-202510-2632

CVE-2025-41028

  • CNNVD Published: 2025-10-20

Description (Chinese)

Grupo Castilla Epsilon RH是西班牙Grupo Castilla公司的一款人力资源管理软件。 Grupo Castilla Epsilon RH存在安全漏洞,该漏洞源于对文件/epsilonnetws/WSAvisos.asmx中参数sEstadoUsr的错误操作,可能导致SQL注入攻击。

Description (English)

Grupo Castilla Epsilon RH is a human resources management software for Grupo Castilla, Spain. There is a security loophole in Grupo Castilla Epsilon RH, which stems from a mishandling of the parameter sEstadoUsr in the document/epsilonnetws/WSAvisos.asmx, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Grupo Castilla

Published

2025-10-20

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-epsilon-rh

Patch

https://www.grupocastilla.es/

Share on: