CVE-2025-41335

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id' and ' 'idsociedad' in '/api/buscarEmpresaById.php'...

CVE-2025-41343

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'email' in '/backend/api/users/searchUserByEmail.php'...

CVE-2025-41337

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarSSOParametros.php'...

CVE-2025-41342

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'iduser' in '/backend/api/buscarUsuarioId.php'...

CVE-2025-41344

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idarchivo' in '/backend/api/verArchivo.php'...

CVE-2025-41337

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarSSOParametros.php'...

CVE-2025-41337

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarSSOParametros.php'...

CVE-2025-41336

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros.php'...

CVE-2025-41338

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarTestigoByIdDenunciaUsuario.php'...

CVE-2025-41344 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idarchivo' in '/backend/api/verArchivo.php'...

CVE-2025-41339

CVE-2025-41339 affects CanalDenuncia.app. The issue is a lack of authorization that lets an attacker access other users’ information by sending a POST to /backend/api/buscarTipoDenuncia.php with the id_sociedad parameter. Documented impact is sensitive data exposure; CVSS vectors indicate high im...

CVE-2025-41111

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'iddenuncia' in '/backend/api/buscarComentariosByDenuncia.php'...

EUVD-2025-37753

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarDocumentosByIdDenunciaUsuario.php'...

CVE-2025-41114

CanalDenuncia.app is affected by a missing authorization vulnerability allowing an attacker to access other users’ information via a POST to /backend/api/buscarDocumentosByIdDenunciaUsuario.php with id_denuncia and id_user. The root cause is improper authorization validation for these parameters,...

CanalDenuncia App 安全漏洞

CanalDenuncia App is a reporting channel application from CanalDenuncia Spain. An information disclosure vulnerability exists in CanalDenuncia App due to incorrect authorization validation of parameters iddenuncia and iduser in /backend/api/buscarTestigoByIdDenunciaUsuario.php. An attacker could...

PT-2025-45009

Name of the Vulnerable Software and Affected Versions CanalDenuncia.app affected versions not specified Description A lack of authorization exists in CanalDenuncia.app, potentially allowing an attacker to access other users' information. This is achieved by sending a POST request through the id...