4 matches found
EUVD-2025-37748
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idsociedad' in '/backend/api/buscarTipoDenuncia.php'...
CVE-2025-41339 Missing Authorization vulnerability in CanalDenuncia.app
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idsociedad' in '/backend/api/buscarTipoDenuncia.php'...
CVE-2025-41339
CVE-2025-41339 affects CanalDenuncia.app. The issue is a lack of authorization that lets an attacker access other users’ information by sending a POST to /backend/api/buscarTipoDenuncia.php with the id_sociedad parameter. Documented impact is sensitive data exposure; CVSS vectors indicate high im...
CanalDenuncia App 安全漏洞
CanalDenuncia App is a reporting channel application from the Spanish company CanalDenuncia. A security vulnerability exists in CanalDenuncia App, which stems from a lack of authorization checking, which allows an attacker to send a POST request to access other users' information via the paramete...