Lucene search
K

148 matches found

Cvelist
Cvelist
added 2025/11/04 1:17 p.m.6 views

CVE-2025-41342 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'iduser' in '/backend/api/buscarUsuarioId.php'...

8.7CVSS0.0027EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 1:17 p.m.10 views

CVE-2025-41342

CVE-2025-41342 involves CanalDenuncia.app with a missing authorization check that allows an attacker to access other users’ data by sending a POST to the endpoint /backend/api/buscarUsuarioId.php using the id_user parameter. This is a direct confidentiality impact (HIGH) described across multiple...

8.7CVSS6.3AI score0.0027EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/11/04 1:17 p.m.5 views

EUVD-2025-37747

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'idtpdenuncia' and 'idsociedad' in '/backend/api/buscarTipoDenunciabyId.php'...

8.7CVSS6.2AI score0.0027EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 1:15 p.m.7 views

CVE-2025-41113

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'iddenuncia' in '/backend/api/buscarDenunciaByPin.php'...

8.7CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 1:15 p.m.5 views

CVE-2025-41111

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'iddenuncia' in '/backend/api/buscarComentariosByDenuncia.php'...

8.7CVSS0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/04 1:10 p.m.4 views

CVE-2025-41114 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarDocumentosByIdDenunciaUsuario.php'...

8.7CVSS0.0027EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/04 1:9 p.m.3 views

CVE-2025-41112 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros2.php'...

8.7CVSS6.3AI score0.00293EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/04 1:9 p.m.8 views

CVE-2025-41112 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros2.php'...

8.7CVSS0.00293EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/04 10:25 a.m.11 views

CVE-2025-11690 IDOR vulnerability in the CFMOTO RIDE API

An Insecure Direct Object Reference IDOR vulnerability exists in the vehicleId parameter, allowing unauthorized access to sensitive information of other users’ vehicles. Exploiting this issue enables an attacker to retrieve data such as GPS coordinates, encryption keys, initialization vectors,...

8.5CVSS0.00154EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.5 views

CanalDenuncia App 安全漏洞

CanalDenuncia App is a reporting channel application from CanalDenuncia Spain. An information disclosure vulnerability exists in CanalDenuncia App due to incorrect authorization validation of parameters iddenuncia and iduser in /backend/api/buscarTestigoByIdDenunciaUsuario.php. An attacker could...

8.7CVSS5.9AI score0.0027EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/04 12:0 a.m.7 views

PT-2025-45005

Name of the Vulnerable Software and Affected Versions CanalDenuncia.app affected versions not specified Description A lack of authorization allows an attacker to access other users' information. This is achieved by sending a POST request through the parameters id tp denuncia and id sociedad in th...

8.7CVSS6.4AI score0.0027EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/04 12:0 a.m.4 views

CanalDenuncia App 安全漏洞

CanalDenuncia App is a reporting channel application from the Spanish company CanalDenuncia. A security vulnerability exists in CanalDenuncia App, which stems from a lack of authorization checking, which allows an attacker to access other user information by sending a POST request containing the...

8.7CVSS6.4AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/14 9:15 a.m.7 views

EUVD-2025-34158

A vulnerability has been identified in SiPass integrated All versions V3.0. Affected server applications contains a broken access control vulnerability. The authorization mechanism lacks sufficient server-side checks, allowing an attacker to execute a specific API request. Successful exploitation...

5.1CVSS6.7AI score0.00178EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/14 9:15 a.m.7 views

CVE-2025-40773

A vulnerability has been identified in SiPass integrated All versions V3.0. Affected server applications contains a broken access control vulnerability. The authorization mechanism lacks sufficient server-side checks, allowing an attacker to execute a specific API request. Successful exploitation...

5.1CVSS0.00178EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-7049

Malware in sbrugna...

4.9CVSS6.5AI score0.0048EPSS
Exploits0References22
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-49586

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00802EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27172

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00394EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-32013

Malicious code in bioql PyPI...

6.6AI score0.002EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-43992

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00295EPSS
Exploits0References1
NVD
NVD
added 2025/09/08 8:15 p.m.8 views

CVE-2025-52389

An Insecure Direct Object Reference IDOR in Envasadora H2O Eireli - Soda Cristal v40.20.4 allows authenticated attackers to access sensitive data for other users via a crafted HTTP request...

8.8CVSS0.00394EPSS
Exploits0References2
Rows per page
Query Builder