Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/11/07 12:49 p.m.11 views

CVE-2025-41340

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'idtpdenuncia' and 'idsociedad' in '/backend/api/buscarTipoDenunciabyId.php'...

8.7CVSS6.7AI score0.00246EPSS
Exploits0References1
OSV
OSV
added 2025/11/04 2:15 p.m.4 views

CVE-2025-41340

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'idtpdenuncia' and 'idsociedad' in '/backend/api/buscarTipoDenunciabyId.php'...

7.5CVSS5.8AI score0.00246EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/04 1:17 p.m.3 views

CVE-2025-41340 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'idtpdenuncia' and 'idsociedad' in '/backend/api/buscarTipoDenunciabyId.php'...

8.7CVSS6.3AI score0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/04 1:17 p.m.7 views

CVE-2025-41340 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'idtpdenuncia' and 'idsociedad' in '/backend/api/buscarTipoDenunciabyId.php'...

8.7CVSS0.00246EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 1:16 p.m.12 views

CVE-2025-41339

CVE-2025-41339 affects CanalDenuncia.app. The issue is a lack of authorization that lets an attacker access other users’ information by sending a POST to /backend/api/buscarTipoDenuncia.php with the id_sociedad parameter. Documented impact is sensitive data exposure; CVSS vectors indicate high im...

8.7CVSS6.3AI score0.00246EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/11/04 1:16 p.m.3 views

EUVD-2025-37748

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idsociedad' in '/backend/api/buscarTipoDenuncia.php'...

8.7CVSS6.2AI score0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/04 1:16 p.m.4 views

CVE-2025-41339 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idsociedad' in '/backend/api/buscarTipoDenuncia.php'...

8.7CVSS0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/04 1:15 p.m.4 views

EUVD-2025-37752

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id' and ' 'idsociedad' in '/api/buscarEmpresaById.php'...

8.7CVSS6.2AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.3 views

CanalDenuncia App 安全漏洞

CanalDenuncia App is a reporting channel application from the Spanish company CanalDenuncia. A security vulnerability exists in CanalDenuncia App, which stems from a lack of authorization checking, which allows an attacker to send a POST request to access other users' information via the paramete...

8.7CVSS6.5AI score0.00246EPSS
Exploits0References1
Rows per page
Query Builder