16 matches found
CVE-2026-30891
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, a user could access another user's private activity due to insufficient authorization checks in the user actions endpoint. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a pat...
CVE-2024-30891
creationtimestamp| type| source ---|---|--- 2025-12-21 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-12-21 2026-03-20 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2026-03-20 2026-03-22 00:00:00+00:00| seen| The Shadowserver...
CVE-2025-30891
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magepeopleteam WpTravelly tour-booking-manager allows PHP Local File Inclusion.This issue affects WpTravelly: from n/a through = 1.8.7...
CVE-2025-30891
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magepeopleteam WpTravelly tour-booking-manager allows PHP Local File Inclusion.This issue affects WpTravelly: from n/a through = 1.8.7...
CVE-2025-30891
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magepeopleteam WpTravelly tour-booking-manager allows PHP Local File Inclusion.This issue affects WpTravelly: from n/a through = 1.8.7...
CVE-2025-30891 WordPress WpTravelly Plugin <= 1.8.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magepeopleteam WpTravelly tour-booking-manager allows PHP Local File Inclusion.This issue affects WpTravelly: from n/a through = 1.8.7...
CVE-2025-30891
CVE-2025-30891 affects WordPress plugin “WpTravelly” (Tour & Travel Booking Plugin for WooCommerce). The description in the initial document indicates an improper control of filename for include/require statements in PHP, enabling PHP Local File Inclusion (LFI) via a Remote File Inclusion vulnera...
CVE-2025-30891 WordPress WpTravelly Plugin <= 1.8.7 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magepeopleteam WpTravelly tour-booking-manager allows PHP Local File Inclusion.This issue affects WpTravelly: from n/a through = 1.8.7...
CVE-2023-30891
creationtimestamp| type| source ---|---|--- 2025-03-05 21:01:57+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3ljnutm2rzz2t...
PT-2024-30891 · Nicejob · Nicejob
Name of the Vulnerable Software and Affected Versions: NiceJob versions prior to 3.6.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS on web pages created by NiceJob...
VulnCheck KEV: CVE-2024-30891
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution...
CVE-2024-30891
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution...
CVE-2024-30891
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution...
CVE-2024-30891
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution...
CVE-2021-30891
...
CVE-2021-30891
This CVE entry is rejected/not used as stated in the description.