Lucene search
K

7 matches found

CNVD
CNVD
added 2025/11/10 12:0 a.m.4 views

CanalDenuncia App Information Disclosure Vulnerability (CNVD-2025-30335)

CanalDenuncia App is a reporting channel application from CanalDenuncia Spain. An information disclosure vulnerability exists in CanalDenuncia App due to incorrect authorization validation of parameters iddenuncia and iduser in /backend/api/buscarTestigoByIdDenunciaUsuario.php. An attacker could...

8.7CVSS6.2AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/07 12:49 p.m.11 views

CVE-2025-41114

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarDocumentosByIdDenunciaUsuario.php'...

8.7CVSS6.7AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/05 2:11 p.m.5 views

CVE-2025-41338

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarTestigoByIdDenunciaUsuario.php'...

8.7CVSS6.7AI score0.0027EPSS
Exploits0References1
OSV
OSV
added 2025/11/04 2:15 p.m.4 views

CVE-2025-41341

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'seguro' in '/backend/api/buscarUsuarioByDenuncia.php'...

7.5CVSS5.8AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/04 1:18 p.m.4 views

EUVD-2025-37742

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarDenunciasById.php'...

8.7CVSS6.2AI score0.0027EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.6 views

PT-2025-44997

Name of the Vulnerable Software and Affected Versions CanalDenuncia.app affected versions not specified Description A lack of authorization exists in CanalDenuncia.app, potentially allowing an attacker to access other users' information. This is achieved by sending a POST request through the id...

8.7CVSS6.4AI score0.0027EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.3 views

CanalDenuncia App 安全漏洞

CanalDenuncia App is a reporting channel application from the Spanish company CanalDenuncia. A security vulnerability exists in CanalDenuncia App, which stems from a lack of authorization checking, which allows an attacker to send a POST request to access other user information via the parameter...

8.7CVSS6.5AI score0.0027EPSS
Exploits0References1
Rows per page
Query Builder