← Back

Viafirma

viafirma

2 CVEs • 3 products

Products (3)

Click to collapse
Toggle
Inbox
inbox
1 CVE
Documents
documents
1 CVE
Documents Compose
documents_compose
1 CVE

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-41078
1Viafirma
2Documents
Documents Compose
Jan 29, 2026
Jan 12, 2026
8.7 HIGH· v4
8.1 HIGH· v3
N/A· v2
Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and esc...Show more
Weaknesses in the authorization mechanisms of Viafirma Documents v3.7.129 allow an authenticated user without privileges to list and access other user data, use user creation, modification, and deletion features, and escalate privileges by impersonating other users of the application in the generation and signing of documents.Show less
CVE-2025-41077
1Viafirma
1Inbox
Jan 29, 2026
Jan 12, 2026
8.6 HIGH· v4
8.1 HIGH· v3
N/A· v2
IDOR vulnerability has been found in Viafirma Inbox v4.5.13 that allows any authenticated user without privileges in the application to list all users, access and modify their data. This allows the user's email addresses...Show more
IDOR vulnerability has been found in Viafirma Inbox v4.5.13 that allows any authenticated user without privileges in the application to list all users, access and modify their data. This allows the user's email addresses to be modified and, subsequently, using the password recovery functionality to access the application by impersonating any user, including those with administrative permissions.Show less