CVE-2019-25745

WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'tid' parameter. Attackers can send GET requests to the admin interface with malicious 'tid'...

Microsoft Graph Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network...

CVE-2019-25745

WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'tid' parameter. Attackers can send GET requests to the admin interface with malicious 'tid'...

CVE-2019-25732

PHP EI-Tube Script 3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can send GET requests to the search endpoint with crafted SQL payloads in the query parameter to...

EUVD-2019-20168

PHP EI-Tube Script 3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can send GET requests to the search endpoint with crafted SQL payloads in the query parameter to...

CVE-2026-49077

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data. This issue affects WP eMember: from n/a through v10.2.2...

CVE-2026-49077 WordPress WP eMember plugin <= v10.2.2 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data. This issue affects WP eMember: from n/a through v10.2.2...

CVE-2026-49077

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data. This issue affects WP eMember: from n/a through v10.2.2...

CVE-2026-49077 WordPress WP eMember plugin <= v10.2.2 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data. This issue affects WP eMember: from n/a through v10.2.2...

CVE-2026-49077

CVE-2026-49077 concerns the WordPress WP eMember plugin and affects versions up to v10.2.2 (n/a through v10.2.2). It is described as an exposure of sensitive system information to an unauthorized control sphere, enabling retrieval of embedded sensitive data. The CVSS v3.1 base score is 5.3 (Mediu...

WordPress WP eMember plugin <= v10.2.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin WP eMember versions = v10.2.2...

SUSE CVE-2026-28958

This issue was addressed with improved data protection. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data...

PT-2026-46404

Name of the Vulnerable Software and Affected Versions Microsoft Graph affected versions not specified Description Exposure of sensitive information in Microsoft Graph allows an authorized attacker to disclose information over a network. Recommendations At the moment, there is no information about...

PT-2026-46388

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the user which are not required for the client’s operation. Version 2.4.28 contains a patch...

PT-2026-46156

System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data...

WordPress plugin eMember 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

Microsoft Graph 信息泄露漏洞

Microsoft Graph is a unified API platform of the American company Microsoft. There is an information leakage vulnerability in Microsoft Graph; this vulnerability stems from the exposure of sensitive information to unauthorized actors, which may allow authorized attackers to disclose information...

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

CVE-2025-69755

An issue in Neterbit NW-431F Router vNW-431F-20241014-IR03 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted command to the atcommand.asp interface...

PT-2026-46394

Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.221 Description A path traversal issue allows attackers to escape the workspace boundary by providing symlinks that resolve to files or directories outside the designated workspace root. By exploiting the...