3 matches found
CVE-2025-67917
CVE-2025-67917 describes a Missing Authorization vulnerability in Travel Traveler (Travel Booking WordPress Theme), affecting Travel Traveler up to version 3.2.6. The root cause is incorrectly configured access control that could allow unauthorized access to certain resources. Wordfence documenta...
CVE-2023-28097
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large Content-Length value and a specially crafted Request-URI causes a segmentation fault in OpenSIPS. This issue occurs when a large amount of shared memo...
PT-2023-18671 · Rapid7 · Rapid7 Insight Agent
Name of the Vulnerable Software and Affected Versions: Rapid7 Insight Agent versions 3.2.6 and below Description: The issue is related to a Directory Traversal vulnerability. Unsantized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path, potentially allowing an...