34 matches found
EUVD-2026-29458
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection. This issue affects WP Travel: from n/a through <= 11.4.0...
CVE-2026-45218
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection. This issue affects WP Travel: from n/a through <= 11.4.0...
CVE-2026-45218
Summary: WP Travel WordPress plugin (versions
WordPress plugin WP Travel SQL injection vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress WP Travel plugin <= 11.4.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Nhut Quang in WordPress Plugin WP Travel versions <= 11.4.0...
GHSA-MPC7-MM28-F6WQ Mattermost allows authenticated guest users to enumerate user IDs outside their allowed visibility scope
Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to apply view restrictions when retrieving group member IDs, which allows authenticated guest users to enumerate user IDs outside their allowed visibility scope via the group retrieval endpoint...
Secomea GateManager security vulnerability
Secomea GateManager is a remote access server product developed by the Danish company Secomea. Version 11.4.0 of Secomea GateManager contains a security vulnerability. This vulnerability stems from improper authentication procedures, which may lead to authentication bypass...
WordPress SUMO Affiliates Pro plugin < 11.4.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO in WordPress Plugin SUMO Affiliates Pro versions < 11.4.0...
CVE-2025-69618
An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...
CVE-2025-69618
The CVE-2025-69618 entry concerns Tarot, Astro & Healing v11.4.0. A flaw in the file import process allows arbitrary file overwrite of critical internal files, potentially enabling arbitrary code execution or disclosure of sensitive information. Connected sources (e.g., Red Hat, NVD, CVE lists an...
EUVD-2021-14691
Malware in sbrugna...
CVE-2025-40630
Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example "https://icewarp.domain.com///%2e%2e". This...
CVE-2025-40630 Open redirection vulnerability in IceWarp Mail Server
Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example "https://icewarp.domain.com///%2e%2e". This...
PT-2025-21633 · Icewarp · Icewarp Mail Server
Name of the Vulnerable Software and Affected Versions: IceWarp Mail Server version 11.4.0 Description: The issue is an open redirection vulnerability that allows an attacker to redirect a user to any domain by sending a malicious URL to the victim. For example, an attacker could use a URL like...
PT-2025-21635 · Icewarp · Icewarp Mail Server
Name of the Vulnerable Software and Affected Versions: IceWarp Mail Server version 11.4.0 Description: The issue is related to cross-site scripting (XSS) that allows an attacker to modify the lastLogin cookie with malicious JavaScript code. This code will be executed when the page is rendered...
IceWarp Mail Server security vulnerability
IceWarp Mail Server is a mail server product from the Czech company IceWarp. The product supports email archiving, SmartAttach attachments, automatic migration and more. A security vulnerability exists in IceWarp Mail Server version 11.4.0, which originates from HTTP host header injection and cou...
Hewlett Packard Enterprise Athonet vEPC MME security vulnerability
Hewlett Packard Enterprise Athonet vEPC MME (HPE Athonet vEPC MME) is a device management system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise Athonet vEPC MME version 11.4.0, which stems from the presence of an invalid memory access condition th...