9 matches found
CVE-2025-41340
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'idtpdenuncia' and 'idsociedad' in '/backend/api/buscarTipoDenunciabyId.php'...
CVE-2025-41340
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'idtpdenuncia' and 'idsociedad' in '/backend/api/buscarTipoDenunciabyId.php'...
CVE-2025-41340 Missing Authorization vulnerability in CanalDenuncia.app
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'idtpdenuncia' and 'idsociedad' in '/backend/api/buscarTipoDenunciabyId.php'...
CVE-2025-41340 Missing Authorization vulnerability in CanalDenuncia.app
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'idtpdenuncia' and 'idsociedad' in '/backend/api/buscarTipoDenunciabyId.php'...
CVE-2025-41339
CVE-2025-41339 affects CanalDenuncia.app. The issue is a lack of authorization that lets an attacker access other users’ information by sending a POST to /backend/api/buscarTipoDenuncia.php with the id_sociedad parameter. Documented impact is sensitive data exposure; CVSS vectors indicate high im...
EUVD-2025-37748
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idsociedad' in '/backend/api/buscarTipoDenuncia.php'...
CVE-2025-41339 Missing Authorization vulnerability in CanalDenuncia.app
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idsociedad' in '/backend/api/buscarTipoDenuncia.php'...
EUVD-2025-37752
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id' and ' 'idsociedad' in '/api/buscarEmpresaById.php'...
CanalDenuncia App 安全漏洞
CanalDenuncia App is a reporting channel application from the Spanish company CanalDenuncia. A security vulnerability exists in CanalDenuncia App, which stems from a lack of authorization checking, which allows an attacker to send a POST request to access other users' information via the paramete...