A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users’ information by sending a POST through the parameter ‘web’ in...
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users’ information by sending a POST through the parameter ‘web’ in...
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users’ information by sending a POST through the parameters ‘id’ and ‘ ‘id_sociedad’ in...
The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class.
The Easy Upload Files During Checkout plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due to missing file type validation in the ‘file_during_checkout’ function in all versions up to, and including, 2.9.8. This makes it possible for...
