Lucene search
K

344 matches found

Snyk
Snyk
added 2026/04/05 10:8 p.m.2 views

Directory Traversal

Overview griptape is a Modular Python framework for LLM workflows, tools, memory, and data. Affected versions of this package are vulnerable to Directory Traversal via the filename handling in the code-writing path used by executecodeincontainer in griptape/tools/computer/tool.py. An attacker can...

6.5CVSS7.2AI score0.00422EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/05 10:8 p.m.4 views

Directory Traversal

Overview griptape-tools is a Tools for the Griptape framework. Affected versions of this package are vulnerable to Directory Traversal via the filename handling in the code-writing path used by executecodeincontainer in griptape/tools/computer/tool.py. An attacker can write arbitrary files on the...

6.5CVSS7.2AI score0.00422EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.5 views

IOPaint 路径遍历漏洞

IOPaint is an AI-based image restoration and content generation tool developed by Qing. Version 1.5.3 of IOPaint contains a path traversal vulnerability, which stems from incorrect handling of the parameter filename in the file iopaint/filemanager/filemanager.py. This vulnerability may lead to pa...

7.5CVSS7.1AI score0.00624EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.6 views

CVE-2026-22508

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Dentalux dentalux allows PHP Local File Inclusion.This issue affects Dentalux: from n/a through = 3.3...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.5 views

EUVD-2026-15787

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Deston deston allows PHP Local File Inclusion.This issue affects Deston: from n/a through = 1.0...

5.8AI score0.00512EPSS
Exploits0References2
CVE
CVE
added 2026/03/25 4:14 p.m.9 views

CVE-2026-27047

CVE-2026-27047 is an unauthenticated Local File Inclusion in Curly Core (WordPress plugin: curly-core) affecting version <= 2.1.6. The issue stems from improper control of filenames used in PHP include/require, enabling an attacker to include local files via a PHP Remote File Inclusion pattern...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.15 views

CVE-2026-22512

CVE-2026-22512 : WordPress Roisin theme

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

WordPress plugin Unica 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00519EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

WordPress plugin Lella 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin Amoli 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

WordPress plugin Dentalux 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

WordPress plugin Mr. Cobbler 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin Laurent 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin NeoBeat 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-27829

Name of the Vulnerable Software and Affected Versions AncoraThemes Dentalux versions n/a through 3.3 Description The software contains an improper control of filename handling for include/require statements, leading to a PHP Local File Inclusion issue. This allows an attacker to potentially inclu...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

WordPress plugin Roisin 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.10 views

WordPress plugin Kiddy 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin Gioia 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00504EPSS
Exploits0References1
CVE
CVE
added 2026/03/19 8:39 a.m.13 views

CVE-2026-27065

BuilderPress (ThimPress) WordPress plugin

9.8CVSS5.9AI score0.00335EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.31 views

CVE-2026-32392 WordPress Greenly theme <= 8.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly greenly allows PHP Local File Inclusion.This issue affects Greenly: from n/a through = 8.1...

7.5CVSS0.00381EPSS
Exploits0References1
Rows per page
Query Builder