CanalDenuncia.app

CVEs (7)

CVE	Vendor / Product	CVSS	Published	Description
CVE-2025-41340	CanalDenuncia CanalDenuncia.app	—	Nov 4, 2025	A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_tp_denuncia' and 'id_sociedad' in '/backend/api/buscarTipoDenunciabyId.php'.
CVE-2025-41338	CanalDenuncia CanalDenuncia.app	—	Nov 4, 2025	A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_denuncia' and 'id_user' in '/backend/api/buscarTestigoByIdDenunciaUsuario.php'.
CVE-2025-41337	CanalDenuncia CanalDenuncia.app	—	Nov 4, 2025	A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarSSOParametros.php'.
CVE-2025-41336	CanalDenuncia CanalDenuncia.app	—	Nov 4, 2025	A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros.php'.
CVE-2025-41114	CanalDenuncia CanalDenuncia.app	—	Nov 4, 2025	A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_denuncia' and 'id_user' in '/backend/api/buscarDocumentosByIdDenunciaUsuario.php'.
CVE-2025-41112	CanalDenuncia CanalDenuncia.app	—	Nov 4, 2025	A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros2.php'.
CVE-2025-41111	CanalDenuncia CanalDenuncia.app	—	Nov 4, 2025	A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'id_denuncia' in '/backend/api/buscarComentariosByDenuncia.php'.

CVE-2025-41340Nov 4, 2025
CanalDenuncia
CanalDenuncia.app
risk 0.00cvss —epss 0.00
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_tp_denuncia' and 'id_sociedad' in '/backend/api/buscarTipoDenunciabyId.php'.
CVE-2025-41338Nov 4, 2025
CanalDenuncia
CanalDenuncia.app
risk 0.00cvss —epss 0.00
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_denuncia' and 'id_user' in '/backend/api/buscarTestigoByIdDenunciaUsuario.php'.
CVE-2025-41337Nov 4, 2025
CanalDenuncia
CanalDenuncia.app
risk 0.00cvss —epss 0.00
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarSSOParametros.php'.
CVE-2025-41336Nov 4, 2025
CanalDenuncia
CanalDenuncia.app
risk 0.00cvss —epss 0.00
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros.php'.
CVE-2025-41114Nov 4, 2025
CanalDenuncia
CanalDenuncia.app
risk 0.00cvss —epss 0.00
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_denuncia' and 'id_user' in '/backend/api/buscarDocumentosByIdDenunciaUsuario.php'.
CVE-2025-41112Nov 4, 2025
CanalDenuncia
CanalDenuncia.app
risk 0.00cvss —epss 0.00
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros2.php'.
CVE-2025-41111Nov 4, 2025
CanalDenuncia
CanalDenuncia.app
risk 0.00cvss —epss 0.00
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'id_denuncia' in '/backend/api/buscarComentariosByDenuncia.php'.