7 matches found
CanalDenuncia App Information Disclosure Vulnerability (CNVD-2025-30335)
CanalDenuncia App is a reporting channel application from CanalDenuncia Spain. An information disclosure vulnerability exists in CanalDenuncia App due to incorrect authorization validation of parameters iddenuncia and iduser in /backend/api/buscarTestigoByIdDenunciaUsuario.php. An attacker could...
CVE-2025-41114
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarDocumentosByIdDenunciaUsuario.php'...
CVE-2025-41338
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarTestigoByIdDenunciaUsuario.php'...
CVE-2025-41341
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'seguro' in '/backend/api/buscarUsuarioByDenuncia.php'...
EUVD-2025-37742
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarDenunciasById.php'...
PT-2025-44997
Name of the Vulnerable Software and Affected Versions CanalDenuncia.app affected versions not specified Description A lack of authorization exists in CanalDenuncia.app, potentially allowing an attacker to access other users' information. This is achieved by sending a POST request through the id...
CanalDenuncia App 安全漏洞
CanalDenuncia App is a reporting channel application from the Spanish company CanalDenuncia. A security vulnerability exists in CanalDenuncia App, which stems from a lack of authorization checking, which allows an attacker to send a POST request to access other user information via the parameter...