Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20 matches found

RedhatCVE
RedhatCVEadded 2025/11/14 2:3 p.m.4 views

CVE-2025-41069

Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...

5.3CVSS6.8AI score0.00055EPSS
Exploits0References1
EUVD
EUVDadded 2025/11/13 3:30 p.m.3 views

EUVD-2025-169288

Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...

5.3CVSS6.2AI score0.00055EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/11/13 1:23 p.m.5 views

CVE-2025-41069 Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite

Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...

5.3CVSS0.00055EPSS
Exploits0References1
CVE
CVEadded 2025/11/13 1:23 p.m.10 views

CVE-2025-41069

The vulnerability is an Insecure Direct Object Reference (IDOR) in DeporSite of T-INNOVA. An attacker can manipulate requests via the idUsuario parameter in /ajax/TInnova_v2/Formulario_Consentimiento/llamadaAjax/obtenerDatosConsentimientos to access or modify resources they should not. Documented...

5.3CVSS6.3AI score0.00055EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-10931

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00185EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-10932

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00185EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-26395

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00227EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/09/04 8:14 a.m.1 views

CVE-2025-41030

Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnovav2/IntegrantesRecursov21/llamadaAjax/buscarPersona’ using the ‘dni’ parameter...

6.9CVSS6.8AI score0.00227EPSS
Exploits0References1
NVD
NVDadded 2025/09/02 9:15 a.m.1 views

CVE-2025-41030

Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnovav2/IntegrantesRecursov21/llamadaAjax/buscarPersona’ using the ‘dni’ parameter...

6.9CVSS0.00227EPSS
Exploits0References1
NVD
NVDadded 2025/09/02 9:15 a.m.2 views

CVE-2025-41031

Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to change other users' profile pictures via a POST request using the parameters ‘IdPersona’ and “Foto” in ‘/ajax/TInnovac/FotoUsuario/llamadaAjax/uploadImage’...

6.9CVSS0.00227EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/02 8:15 a.m.5 views

CVE-2025-41031 Multiple vulnerabilities in Deporsite by T-INNOVA

Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to change other users' profile pictures via a POST request using the parameters ‘IdPersona’ and “Foto” in ‘/ajax/TInnovac/FotoUsuario/llamadaAjax/uploadImage’...

6.9CVSS0.00227EPSS
Exploits0References1
CVE
CVEadded 2025/09/02 8:14 a.m.6 views

CVE-2025-41030

CVE-2025-41030 affects Deporsite by T-INNOVA. The root cause is lack of authorization, allowing an unauthenticated attacker to obtain information about other users via GET /ajax/TInnova_v2/Integrantes_Recurso_v2_1/llamadaAjax/buscarPersona using the dni parameter. The CVSSv4 base score is 6.9 (ME...

6.9CVSS6.2AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/09/02 12:0 a.m.1 views

T-INNOVA Deporsite 安全漏洞

T-INNOVA Deporsite is an application from T-INNOVA. A security vulnerability exists in T-INNOVA Deporsite that stems from a lack of authorization and could lead to obtaining information about other users via GET requests and dni parameters...

6.9CVSS6.4AI score0.00227EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/09/02 12:0 a.m.4 views

PT-2025-35544

Name of the Vulnerable Software and Affected Versions: Deporsite by T-INNOVA affected versions not specified Description: A lack of authorization exists in Deporsite by T-INNOVA. An unauthenticated attacker can modify other users' profile pictures by sending a POST request to the /ajax/TInnova...

6.9CVSS6.3AI score0.00227EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/04/17 1:35 p.m.8 views

CVE-2025-3574

Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from others users via "idUsuario" parameter in "/helper/Familia/obtenerFamiliaUsuario" endpoint...

8.7CVSS6.5AI score0.00185EPSS
Exploits0References1
NVD
NVDadded 2025/04/15 9:15 a.m.7 views

CVE-2025-3575

Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from others users via "idUsuario" parameter in "/helper/Familia/establecerUsuarioSeleccion" endpoint...

8.7CVSS0.00185EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/04/15 8:54 a.m.20 views

CVE-2025-3575 Insecure Direct Object Reference en Deporsite de T-INNOVA

Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from others users via "idUsuario" parameter in "/helper/Familia/establecerUsuarioSeleccion" endpoint...

8.7CVSS0.00185EPSS
Exploits0References1
CVE
CVEadded 2025/04/15 8:54 a.m.53 views

CVE-2025-3575

CVE-2025-3575 affects Deporsite from T-INNOVA. The vulnerability is an Insecure Direct Object Reference allowing an attacker to retrieve sensitive information from other users through the idUsuario parameter at /helper/Familia/establecerUsuarioSeleccion. The CVE entry notes a high impact with CVS...

8.7CVSS6.1AI score0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/04/15 8:47 a.m.4 views

CVE-2025-3574 Insecure Direct Object Reference on Deporsite by T-INNOVA

Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from others users via "idUsuario" parameter in "/helper/Familia/obtenerFamiliaUsuario" endpoint...

8.7CVSS6.7AI score0.00185EPSS
Exploits0References1
CVE
CVEadded 2025/04/15 8:47 a.m.49 views

CVE-2025-3574

CVE-2025-3574 —Insecure Direct Object Reference in Deporsite (T-INNOVA). An attacker can retrieve another user’s sensitive information by manipulating the idUsuario parameter of the /helper/Familia/obtenerFamiliaUsuario endpoint. Root cause: improper access control on user data access. Documented...

8.7CVSS6.1AI score0.00185EPSS
Exploits0References1
Rows per page
Query Builder