5 matches found
EUVD-2026-12397
Stored Cross-Site Scripting XSS vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/configuracion/agenda/modelo-formulario-evento'. A user with permission to create personalized accounts could exploit this vulnerability simply by creating a malicious survey...
langextract-poc
LangExtract POC - Arquitectura Hexagonal Sistema de extracció...
EUVD-2025-37751
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'web' in '/backend/api/buscarConfiguracionParametros.php'...
CVE-2025-41336
CVE-2025-41336 describes a lack of authorization in CanalDenuncia.app. A malicious actor could access other users’ information by sending a POST request to the API endpoint /backend/api/buscarConfiguracionParametros.php with the parameter web. The effect is exposure of user data due to missing ac...
Spotify 1.0.96.181 - Proxy configuration Denial of Service (PoC)
Spotify 1.0.96.181 - Proxy configuration Denial of Service PoC Exploit Title: Spotify 1.0.96.181 - "Proxy configuration" Denial of Service PoC Discovery by: Aaron V. Hernandez Discovery Date: 2019-01-15 Vendor Homepage: https://www.spotify.com Software Link:...