CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

21 matches found

Vulnrichment•added 2026/01/22 4:51 p.m.•2 views

CVE-2025-67946 WordPress AdForest theme <= 6.0.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in scriptsbundle AdForest adforest allows PHP Local File Inclusion.This issue affects AdForest: from n/a through = 6.0.11...

5.9AI score0.00222EPSS

Exploits0References1

Positive Technologies•added 2026/01/08 12:0 a.m.•3 views

PT-2026-1786

Name of the Vulnerable Software and Affected Versions ThemeMove Mitech versions prior to 2.3.5 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

9.8CVSS6.4AI score0.00066EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-2935

Malware in sbrugna...

7.2CVSS6.1AI score0.06861EPSS

Exploits2References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-53078

Malicious code in bioql PyPI...

7.5CVSS8.7AI score0.03424EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-17483

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00547EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-14845

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.002EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2024-29341

Malicious code in bioql PyPI...

8CVSS8.8AI score0.01844EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-9854

Malicious code in bioql PyPI...

7.5CVSS8.2AI score0.01855EPSS

Exploits0References2

Vulnrichment•added 2025/07/02 2:5 p.m.•1 views

CVE-2025-49588 Linkwarden Local File Inclusion Vulnerability

Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other...

8.7CVSS6.4AI score0.00385EPSS

Exploits0References1

RedhatCVE•added 2025/06/29 12:6 p.m.•4 views

CVE-2025-28947

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in snstheme MBStore - Digital WooCommerce WordPress Theme mbstore allows PHP Local File Inclusion.This issue affects MBStore - Digital WooCommerce WordPress Theme: from n/a through ...

8.1CVSS5.9AI score0.00547EPSS

Exploits0References1

Positive Technologies•added 2025/06/27 12:0 a.m.•1 views

PT-2025-27132 · Unknown · Ovatheme Brw

Name of the Vulnerable Software and Affected Versions: ovatheme BRW versions 1.7.9 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local File...

8.1CVSS7AI score0.00547EPSS

Exploits0References3

NVD•added 2025/06/17 3:15 p.m.•2 views

CVE-2025-49260

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through = 1.3.9...

8.1CVSS0.00547EPSS

Exploits0References1

RedhatCVE•added 2025/06/11 4:3 p.m.•1 views

CVE-2025-32595

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Krowd krowd allows PHP Local File Inclusion.This issue affects Krowd: from n/a through 1.5.0...

8.1CVSS7.2AI score0.00547EPSS

Exploits0References1

RedhatCVE•added 2025/05/25 1:19 p.m.•6 views

CVE-2025-46454

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in svil4ok Meta Keywords & Description wp-meta-keywords-meta-description allows PHP Local File Inclusion.This issue affects Meta Keywords & Description: from n/a through = 0.8...

7.5CVSS7.2AI score0.00499EPSS

Exploits0References1

NVD•added 2025/05/23 1:15 p.m.•2 views

CVE-2025-32294

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Oxpitan oxpitan allows PHP Local File Inclusion.This issue affects Oxpitan: from n/a through = 1.3.5...

8.1CVSS0.00547EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 11:40 a.m.•3 views

CVE-2025-24782

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpWax Post Grid, Slider & Carousel Ultimate post-grid-carousel-ultimate allows PHP Local File Inclusion.This issue affects Post Grid, Slider & Carousel Ultimate: from n/a through...

8.8CVSS7.2AI score0.00338EPSS

Exploits0References1

CVE•added 2025/04/24 4:8 p.m.•47 views

CVE-2025-46230

CVE-2025-46230 affects WordPress Popup Builder (plugin) up to version 1.1.35. The vulnerability is an improper filename control in PHP Include/Require (Local File Inclusion). Impact per sources is high (C/VSS metrics), enabling potential arbitrary file access via LFI. Remediation: upgrade to a fi...

7.5CVSS7.2AI score0.00816EPSS

Exploits0References1

NVD•added 2025/03/31 6:15 a.m.•9 views

CVE-2025-31387

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in InstaWP InstaWP Connect instawp-connect allows PHP Local File Inclusion.This issue affects InstaWP Connect: from n/a through = 0.1.0.82...

7.5CVSS0.01012EPSS

Exploits0References1

RedhatCVE•added 2025/03/29 11:34 a.m.•3 views

CVE-2025-30785

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle Subscribe to Download Lite subscribe-to-download-lite allows PHP Local File Inclusion.This issue affects Subscribe to Download Lite: from n/a through = 1.2.9...

7.5CVSS7.2AI score0.00875EPSS

Exploits0References1

CVE•added 2025/03/27 10:55 a.m.•49 views

CVE-2025-30891

CVE-2025-30891 affects WordPress plugin “WpTravelly” (Tour & Travel Booking Plugin for WooCommerce). The description in the initial document indicates an improper control of filename for include/require statements in PHP, enabling PHP Local File Inclusion (LFI) via a Remote File Inclusion vulnera...

8.8CVSS7.2AI score0.01549EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by