36 matches found
CVE-2025-41069
Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...
EUVD-2025-169288
Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...
CVE-2025-41069
Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...
CVE-2025-41069 Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite
Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...
CVE-2025-41069 Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite
Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...
CVE-2025-41069
The vulnerability is an Insecure Direct Object Reference (IDOR) in DeporSite of T-INNOVA. An attacker can manipulate requests via the idUsuario parameter in /ajax/TInnova_v2/Formulario_Consentimiento/llamadaAjax/obtenerDatosConsentimientos to access or modify resources they should not. Documented...
T-INNOVA Deporsite 安全漏洞
T-INNOVA Deporsite is an application from T-INNOVA, Inc. A security vulnerability exists in T-INNOVA Deporsite that stems from an insecure direct object reference that could lead to unauthorized resource access or modification...
PT-2025-46828
Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in ‘/ajax/TInnova v2/Formulario...
EUVD-2025-10931
Malicious code in bioql PyPI...
EUVD-2025-10932
Malicious code in bioql PyPI...
EUVD-2025-26395
Malicious code in bioql PyPI...
CVE-2025-41031
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to change other users' profile pictures via a POST request using the parameters ‘IdPersona’ and “Foto” in ‘/ajax/TInnovac/FotoUsuario/llamadaAjax/uploadImage’...
CVE-2025-41030
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnovav2/IntegrantesRecursov21/llamadaAjax/buscarPersona’ using the ‘dni’ parameter...
CVE-2025-41030
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnovav2/IntegrantesRecursov21/llamadaAjax/buscarPersona’ using the ‘dni’ parameter...
CVE-2025-41031 Multiple vulnerabilities in Deporsite by T-INNOVA
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to change other users' profile pictures via a POST request using the parameters ‘IdPersona’ and “Foto” in ‘/ajax/TInnovac/FotoUsuario/llamadaAjax/uploadImage’...
CVE-2025-41031 Multiple vulnerabilities in Deporsite by T-INNOVA
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to change other users' profile pictures via a POST request using the parameters ‘IdPersona’ and “Foto” in ‘/ajax/TInnovac/FotoUsuario/llamadaAjax/uploadImage’...
CVE-2025-41030 Multiple vulnerabilities in Deporsite by T-INNOVA
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnovav2/IntegrantesRecursov21/llamadaAjax/buscarPersona’ using the ‘dni’ parameter...
CVE-2025-41030 Multiple vulnerabilities in Deporsite by T-INNOVA
Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnovav2/IntegrantesRecursov21/llamadaAjax/buscarPersona’ using the ‘dni’ parameter...
CVE-2025-41030
CVE-2025-41030 affects Deporsite by T-INNOVA. The root cause is lack of authorization, allowing an unauthenticated attacker to obtain information about other users via GET /ajax/TInnova_v2/Integrantes_Recurso_v2_1/llamadaAjax/buscarPersona using the dni parameter. The CVSSv4 base score is 6.9 (ME...
PT-2025-35543
Name of the Vulnerable Software and Affected Versions: Deporsite by T-INNOVA affected versions not specified Description: The application lacks proper authorization, allowing an unauthenticated attacker to obtain information from other users. This is achieved by sending a GET request to the...