Epsilon RH SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability exists in Epsilon RH by Grupo Castilla. This issue allows attackers to retrieve, create, update, and delete database records by sending a POST request with the 'sEstadoUsr' parameter to '/epsilonnetws/WSAvisos.asmx'.
Impact
Exploitation of this vulnerability allows for unauthorized database manipulation, including retrieval, creation, updating, and deletion of records.
Added: Oct 20, 2025, 9:17 AM
Updated: Oct 20, 2025, 9:17 AM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
5.0exploitability
7.4remediation
0.0relevance
0.8threat
0.0urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.