CVE-2025-41112 | CanalDenuncia.app up to 4.4.7 buscarConfiguracionParametros2.php web authorization

Inserito da Angelo Barbosa | Nov 4, 2025 | CVE

A vulnerability described as problematic has been identified in CanalDenuncia.app up to 4.4.7. Affected is an unknown function of the file /backend/api/buscarConfiguracionParametros2.php. Such manipulation of the argument web leads to missing authorization.

This vulnerability is traded as CVE-2025-41112. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2025-41112 | CanalDenuncia.app up to 4.4.7 buscarConfiguracionParametros2.php web authorization

Post correlati

CVE-2024-34831 | Gibbon Core 26.0.00 library_manage_catalog_editProcess.php imageLink cross site scripting

CVE-2024-32143 | Podlove Podcast Publisher Plugin up to 4.1.0 on WordPress authorization

CVE-2025-1578 | PHPGurukul Online Shopping Portal 2.1 /search-result.php product sql injection

CVE-2014-125109 | BestWebSoft Portfolio Plugin up to 2.27 bws_menu/bws_menu.php bws_add_menu_render bwsmn_form_email cross site scripting