CNNVD-202511-376 Information

CNNVD ID

CNNVD-202511-376

Related CVE

CVE-2025-55342

• CNNVD Published: 2025-11-05

Description (Chinese)

Ecuador Quipux是厄瓜多尔Ecuador公司的一个电子文档管理与流程系统。 Ecuador Quipux 4.0.1版本至e1774ac版本存在安全漏洞，该漏洞源于txt_login参数处理不当，可能导致用户名枚举和访问所有注册用户的厄瓜多尔身份证号码。

Description (English)

Ecuador Quipux is an electronic document management and process system of the Ecuadorian company Ecuador. There is a security gap between Ecuador Quipux, Versions 4.01 and e1774ac, which stems from the mishandling of txt login parameters, which may lead to the listing of users and access to the Ecuadorian identity card numbers of all registered users.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Ecuador

Published

2025-11-05

Last Modified

2026-02-24

References

https://minka.gob.ec/quipux-comunitario/quipux-comunitario https://seguridaddigital.ec/research/20251101/report-20251101.en.pdf