12 matches found
CVE-2026-48244
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...
CVE-2026-48245 Open ISES Tickets < 3.44.2 Hardcoded Google Maps API Key in tables.php
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...
CVE-2026-48245 Open ISES Tickets < 3.44.2 Hardcoded Google Maps API Key in tables.php
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...
EUVD-2026-31328
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...
CVE-2026-48244
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...
CVE-2026-48244 Open ISES Tickets < 3.44.2 Hardcoded Google Maps API Key in settings.inc.php
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...
EUVD-2026-31323
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...
PT-2026-42522
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...
tickets 信任管理问题漏洞
Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a vulnerability related to trust management. This vulnerability stemmed from the hardcoding of a Google Maps API key in the settings.inc.php file. This...
CVE-2026-2589 Greenshift – animation and page builder blocks <= 12.8.3 - Unauthenticated Sensitive Information Exposure via Settings Backup
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...
CVE-2026-2589 Greenshift – animation and page builder blocks <= 12.8.3 - Unauthenticated Sensitive Information Exposure via Settings Backup
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 12.8.3 via the automated Settings Backup stored in a publicly accessible file. This makes it possible for unauthenticated attackers to...
Glassdoor: Unauthorized usage of External API Key (Usage of Google Maps API Key ==> $$$
A Google Maps API key was found in the source code of a Glassdoor webpage, which allowed unauthorized usage of the API. The API key was not configured securely...