5 matches found
CVE-2024-50434
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themehorse NewsCard newscard.This issue affects NewsCard: from n/a through = 1.3...
CVE-2024-50434
creationtimestamp| type| source ---|---|--- 2024-10-28 22:01:31+00:00| seen| https://t.me/cvedetector/9176...
CVE-2024-50434
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themehorse NewsCard newscard.This issue affects NewsCard: from n/a through = 1.3...
CVE-2024-50434
CVE-2024-50434 : Local File Inclusion in WordPress Theme NewsCard (versions <= 1.3) due to improper control of filename in include/require statements. This may enable an unauthenticated attacker to include arbitrary local files via crafted input, potentially leading to code execution. A fix is...
WordPress NewsCard Theme <= 1.3 is vulnerable to Local File Inclusion
Software NewsCard Type Theme Vulnerable versions = 1.3 Fixed in 1.4 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-50434 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID ddf0621fd895 Credits tahu.datar Required privilege Unauthenticated...