CVE-2025-41113 | CanalDenuncia.app up to 4.4.7 buscarDenunciaByPin.php id_denuncia authorization

Inserito da Angelo Barbosa | Nov 4, 2025 | CVE

A vulnerability classified as problematic has been found in CanalDenuncia.app up to 4.4.7. Affected by this vulnerability is an unknown functionality of the file /backend/api/buscarDenunciaByPin.php. Performing manipulation of the argument id_denuncia results in missing authorization.

This vulnerability is known as CVE-2025-41113. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2025-41113 | CanalDenuncia.app up to 4.4.7 buscarDenunciaByPin.php id_denuncia authorization

Post correlati

CVE-2024-23516 | Calculators World CC BMI Calculator Plugin up to 2.0.1 on WordPress cross site scripting

CVE-2024-43604 | Microsoft Outlook on Android insufficient granularity of access control

CVE-2024-11728 | iqonicdesign KiviCare Plugin up to 3.6.4 on WordPress visit_type[service_id] sql injection

CVE-2023-6942 | Mitsubishi Electric EZSocket missing authentication