CVE-2025-41114 | CanalDenuncia.app up to 4.4.7 buscarDocumentosByIdDenunciaUsuario.php id_denuncia authorization

Inserito da Angelo Barbosa | Nov 4, 2025 | CVE

A vulnerability classified as problematic was found in CanalDenuncia.app up to 4.4.7. Affected by this issue is some unknown functionality of the file /backend/api/buscarDocumentosByIdDenunciaUsuario.php. Executing manipulation of the argument id_denuncia can lead to missing authorization.

This vulnerability is handled as CVE-2025-41114. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2025-41114 | CanalDenuncia.app up to 4.4.7 buscarDocumentosByIdDenunciaUsuario.php id_denuncia authorization

Post correlati

CVE-2024-5674 | Newsletter Plugin up to 2.4.5 on WordPress Email Subscribers Management authorization

CVE-2025-38120 | Linux Kernel up to 8058c88ac0df21239daee54b5934d5c80ca9685f netfilter nf_set_pipapo_avx2 memory leak

CVE-2023-52109 | Huawei HarmonyOS/EMUI data authenticity

CVE-2025-12203 | givanz Vvveb up to 1.0.7.3 Code Editor system/functions.php sanitizeFileName File path traversal (Issue 333)