CVE-2025-62109

Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through = 8.9.4...

EUVD-2025-202031

Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through = 8.9.4...

PT-2025-49998

Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through = 8.9.4...

CVE-2025-62904

The CVE concerns the WordPress WP Geo plugin (wp-geo) versions up to and including 3.5.1, with a Stored XSS vulnerability arising from improper input neutralization during Web Page Generation. The issue affects WP Geo in the range from n/a through 3.5.1. The Red Hat and ENISA/enrichment sources c...

CVE-2021-33898

In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize in app/Ninja/Repositories/AccountRepository.php that may allow an attacker to deserialize arbitrary PHP classes. In certain contexts, this can result in remote code execution. The attacker's input must be hosted at...

Design/Logic Flaw

In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize in app/Ninja/Repositories/AccountRepository.php that may allow an attacker to deserialize arbitrary PHP classes. In certain contexts, this can result in remote code execution. The attacker's input must be hosted at...

PT-2007-1946 · Phpadsnew · Openads

Name of the Vulnerable Software and Affected Versions: Openads aka phpAdsNew version 2.0.7 Description: Multiple PHP remote file inclusion issues allow remote attackers to execute arbitrary PHP code via a URL in the 1 phpAds geoPlugin parameter to "libraries/lib-remotehost.inc", the 2 filename...