Lucene search

6 matches found

NVD
added 2026/03/16 2:19 p.m. | 1 view

CVE-2026-3111

Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumbAAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of...

CVSS 6.9 | EPSS 0.00099
Exploits: 0 | References: 1
RedhatCVE
added 2025/11/11 9:30 p.m. | 6 views

CVE-2025-62780

changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...

CVSS 5.4 | AI score 6 | EPSS 0.00083
Exploits: 1 | References: 1
Vulnrichment
added 2025/11/11 12:20 a.m. | 5 views

CVE-2025-42919 Information Disclosure vulnerability in SAP NetWeaver Application Server Java

Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal metadata files could be accessed via manipulated URLs. An unauthenticated attacker could exploit this vulnerability by inserting arbitrary path components in the request, allowing unauthorized access...

CVSS 5.3 | AI score 5.7 | EPSS 0.00313
Exploits: 0 | References: 2
CVE
added 2024/06/12 3:5 p.m. | 141 views

CVE-2024-37297

CVE-2024-37297 affects WooCommerce on WordPress. An XSS flaw introduced in 8.8 can be triggered by crafting a link that injects HTML/JavaScript into classic checkout and registration forms via Sourcebuster.js, potentially allowing an attacker to hijack browser content and session data. The vulner...

CVSS 5.4 | AI score 5.4 | EPSS 0.00973
Exploits: 1 | References: 4 | Affected Software: 1
Prion
added 2022/12/13 4:15 a.m. | 14 views

Input validation

Due to improper input sanitization in SAP Sourcing and SAP Contract Lifecycle Management - version 1100, an attacker can redirect a user to a malicious website. In order to perform this attack, the attacker sends an email to the victim with a manipulated link that appears to be a legitimate SAP...

CVSS 5.8 | AI score 6.2 | EPSS 0.00253
Exploits: 0 | References: 2 | Affected Software: 2
BDU FSTEC
added 2015/10/01 12:0 a.m. | 1 view

The vulnerability of the iOS operating system, which allows a perpetrator to initiate certain processes

The vulnerability of the WebKit component of the iOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to initiate certain processes by manipulating URLs such as tel://, facetime://, and facetime-audio://...

CVSS 4.3 | AI score 5.6 | EPSS 0.006
Exploits: 0 | References: 3 | Affected Software: 1