EUVD-2025-204049

Improper Control of Generation of Code 'Code Injection' vulnerability in jetmonsters Hotel Booking Lite motopress-hotel-booking-lite allows Remote Code Inclusion.This issue affects Hotel Booking Lite: from n/a through = 5.2.3...

PT-2025-52196

Improper Control of Generation of Code 'Code Injection' vulnerability in jetmonsters Hotel Booking Lite motopress-hotel-booking-lite allows Remote Code Inclusion.This issue affects Hotel Booking Lite: from n/a through = 5.2.3...

WordPress plugin Hotel Booking Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

CVE-2025-10703

Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JD...

CVE-2025-10702

Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JD...

CVE-2025-10702

Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JD...

CVE-2025-10703

Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JD...

CVE-2025-10703

CVE-2025-10703 is a code injection vulnerability tied to the SpyAttribute log=(file) option in Progress DataDirect JDBC drivers and related DataDirect products (DataDirect Connect for JDBC, OpenAccess JDBC, Hybrid Data Pipeline JDBC/Server). The issue arises when an application allows an end user...

CVE-2025-10702

Improper Control of Generation of Code 'Code Injection' vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JD...

CVE-2025-10702

CVE-2025-10702 is a code-injection vulnerability in Progress DataDirect JDBC family (DataDirect Connect for JDBC, OpenAccess JDBC, and Hybrid Data Pipeline). The issue centers on the SpyAttribute connection option, which can be used with an undocumented syntax to load an arbitrary class on the cl...

Progress多款产品 代码注入漏洞

Progress Hybrid Data Pipeline and others are products of Progress, Inc.Progress Hybrid Data Pipeline is a data pipeline software.Progress Hybrid Data Pipeline Server is a data pipeline server. Progress DataDirect Connect for JDBC is a set of high-performance JDBC drivers. A code injection...

PT-2025-47466

Name of the Vulnerable Software and Affected Versions Progress DataDirect Connect for JDBC for Amazon Redshift versions through 6.0.0.001392 Progress DataDirect Connect for JDBC for Apache Cassandra versions through 6.0.0.000805 Progress DataDirect Connect for JDBC for Hive versions through...

Progress多款产品 代码注入漏洞

Progress Hybrid Data Pipeline and others are products of Progress, Inc.Progress Hybrid Data Pipeline is a data pipeline software.Progress Hybrid Data Pipeline Server is a data pipeline server. Progress DataDirect Connect for JDBC is a set of high-performance JDBC drivers. A code injection...

CVE-2025-49372

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

CVE-2025-49372

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

EUVD-2025-38015

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

CVE-2025-49372 WordPress HAPPY plugin <= 1.0.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

CVE-2025-49372 WordPress HAPPY plugin <= 1.0.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

CVE-2025-49372

CVE-2025-49372 is an unauthenticated remote code execution in WordPress HAPPY plugin &lt;= 1.0.7 (VillaTheme HAPPY happy-helpdesk-support-ticket-system) caused by Improper Control of Generation of Code (Code Injection) leading to Remote Code Inclusion. Red Hat and NVD entries corroborate the same...

WordPress plugin HAPPY 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injecti...