DBHunter
Infinity Member
Golden Member
- Joined
- August 23, 2025
- Messages
- 2,221
- Reaction score
- 4,611
- Points
- 113
- Thread Author
- #1
A public edicts and legal notices system accessible through Edipub (/Edictos_estrados/) was found exposing indexed information without proper protection controls.
During the review, the following was identified:
Even if part of the data belongs to previous years, the exposure of internal logic, server paths, and operational documents creates a current security risk that could facilitate unauthorized access or misuse of sensitive information.
Data collection was successful, and a more detailed technical analysis of the exposure scope will be published soon.During the review, the following was identified:
- Source code exposure and internal server paths disclosed.More than 28,000 accessible records across multiple years.Use of a 2015 legacy version with no visible updates.Obsolete export functions increasing data leakage risks.Active April 2026 records containing citizen names, banks, and ongoing legal processes.
Even if part of the data belongs to previous years, the exposure of internal logic, server paths, and operational documents creates a current security risk that could facilitate unauthorized access or misuse of sensitive information.
If link Expires you could download from attachment
