CVE-2026-1474

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion' en ‘/evaluacioninicio.aspx’, could allow an attacker to...

CVE-2026-1478

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion’ in ‘/evaluacionhcaevalua.aspx’, could allow an attacker ...

CVE-2026-1478

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion’ in ‘/evaluacionhcaevalua.aspx’, could allow an attacker ...

CVE-2025-41345

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'iddenuncia' and 'iduser' in '/backend/api/buscarDenunciasById.php'...

PT-2025-45010

Name of the Vulnerable Software and Affected Versions CanalDenuncia.app affected versions not specified Description A missing authorization issue exists in CanalDenuncia.app that allows an attacker to access other users' information. This is achieved by sending a POST request through the paramete...

PT-2025-44998

Name of the Vulnerable Software and Affected Versions CanalDenuncia.app affected versions not specified Description A missing authorization issue exists in CanalDenuncia.app that could allow an attacker to access other users' information. This is achieved by sending a POST request with the...