Lucene search
K

45 matches found

EUVD
EUVD
added 2026/04/10 7:39 p.m.4 views

EUVD-2026-21585

TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2...

3.7CVSS5.8AI score0.00235EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/10 7:39 p.m.26 views

CVE-2026-40184 Unauthenticated Access to Uploaded Files in TREK

TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2...

3.7CVSS0.00235EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/10 7:39 p.m.3 views

CVE-2026-40184

TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2...

3.7CVSS5.8AI score0.00235EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/10 7:39 p.m.17 views

CVE-2026-40184

CVE-2026-40184 affects the TREK travel planner. Prior to version 2.7.2, TREK served uploaded photos without requiring authentication, exposing private assets. The issue is fixed in TREK 2.7.2. Connected sources consistently describe unauthenticated access to uploaded files as the root cause and c...

5.3CVSS5.8AI score0.00235EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.8 views

PT-2026-32036

TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2...

3.7CVSS5.8AI score0.00235EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.8 views

TREK 安全漏洞

TREK is a self-hosted, real-time collaboration travel planning tool developed by Maurice’s individual developer. It supports map management, budget tracking, and itinerary management. Versions of TREK prior to 2.7.2 contained security vulnerabilities, which stemmed from insufficient authorization...

7.1CVSS5.8AI score0.00209EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.13 views

PT-2026-32037

TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes. This vulnerability is fixed in 2.7.2...

7.1CVSS5.8AI score0.00209EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.8 views

TREK 访问控制错误漏洞

TREK is a self-hosted, real-time collaboration travel planning tool developed by Maurice’s individual developer. It supports map management, budget tracking, and itinerary management. Versions of TREK prior to 2.7.2 contained an access control vulnerability, which stemmed from the lack of...

5.3CVSS5.8AI score0.00235EPSS
Exploits0References4
Schneier on Security
Schneier on Security
added 2026/01/23 10:3 p.m.5 views

Friday Squid Blogging: Giant Squid in the Star Trek Universe

Spock befriends a giant space squid in the comic Star Trek: Strange New Worlds: The Seeds of Salvation 5. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

5.5AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-1525

Malware in sbrugna...

4.6CVSS6.4AI score0.00372EPSS
Exploits0References5
OSV
OSV
added 2023/07/24 4:15 a.m.3 views

CVE-2023-3862

A vulnerability was found in Travelmate Travelable Trek Management Solution 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Box Handler. The manipulation of the argument comment leads to cross site scripting. The attack may be...

4.7CVSS3.6AI score0.00361EPSS
Exploits0References2
Prion
Prion
added 2023/07/24 4:15 a.m.15 views

Cross site scripting

A vulnerability was found in Travelmate Travelable Trek Management Solution 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Box Handler. The manipulation of the argument comment leads to cross site scripting. The attack may be...

2.6CVSS4.5AI score0.00361EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/07/24 3:31 a.m.43 views

CVE-2023-3862 Travelmate Travelable Trek Management Solution Comment Box cross site scripting

A vulnerability was found in Travelmate Travelable Trek Management Solution 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Box Handler. The manipulation of the argument comment leads to cross site scripting. The attack may be...

3.1CVSS4.8AI score0.00361EPSS
Exploits0References2
CVE
CVE
added 2023/07/24 3:31 a.m.53 views

CVE-2023-3862

The CVE-2023-3862 issue affects Travelmate Travelable Trek Management Solution 1.0, specifically the Comment Box Handler component. The vulnerability is a Cross-Site Scripting flaw triggered by manipulating the comment parameter, with remote exposure and a high attack complexity. Exploitation is ...

4.7CVSS4.1AI score0.00361EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/07/24 12:0 a.m.5 views

Travelmate Travelable Trek Management Solution 跨站脚本漏洞

Travelmate Travelable Trek Management Solution is a business travel software from Travelmate, Inc. A cross-site scripting vulnerability exists in version 1.0 of Travelmate Travelable Trek Management Solution, which originates from an unknown function in the component Comment Box Handler that caus...

4.7CVSS4.4AI score0.00361EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/07/24 12:0 a.m.5 views

PT-2023-26534 · Unknown · Travelmate Travelable Trek Management Solution

Name of the Vulnerable Software and Affected Versions: Travelmate Travelable Trek Management Solution version 1.0 Description: A vulnerability was found in the component Comment Box Handler of the Travelmate Travelable Trek Management Solution. The manipulation of the comment argument leads to...

4.7CVSS6.5AI score0.00361EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2021/09/29 11:1 p.m.32 views

trek-expe.com Cross Site Scripting vulnerability OBB-2152688

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Openbugbounty
Openbugbounty
added 2021/09/25 4:58 p.m.20 views

trek-expe.com Cross Site Scripting vulnerability OBB-2149633

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Wired Threat Level
Wired Threat Level
added 2020/01/28 12:0 p.m.31 views

The US Space Force Has a Rough Launch on the Internet

From controversy over camo print to Star Trek comparisons, the new military branch can't buy a break online...

3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/01/13 5:58 p.m.6 views

nepaltravelstrek.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1067201 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.7AI score
Exploits0
Rows per page
Query Builder