CVE-2025-69081 WordPress Hope theme <= 3.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Hope charity-is-hope allows PHP Local File Inclusion.This issue affects Hope: from n/a through = 3.0.0...

CVE-2022-27982

RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution RCE vulnerability via the fileName parameter at /guestauth/cfg/upLoadCfg.php...

CVE-2026-21439

badkeys is a tool and library for checking cryptographic public keys for known vulnerabilities. In versions 0.0.15 and below, an attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line...

CVE-2019-16123

In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure...

PT-2026-1646

Name of the Vulnerable Software and Affected Versions Hope versions through 3.0.0 Description The software contains an Improper Control of Filename for Include/Require Statement issue, specifically a PHP Local File Inclusion. The vulnerable component allows for the inclusion of local files...

CVE-2026-0641

A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112B20190227. This vulnerability affects the function sub401510 of the file cstecgi.cgi. The manipulation of the argument UPLOADFILENAME leads to command injection. The attack may be initiated remotely. The exploit has been...

CVE-2026-0641

A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112B20190227. This vulnerability affects the function sub401510 of the file cstecgi.cgi. The manipulation of the argument UPLOADFILENAME leads to command injection. The attack may be initiated remotely. The exploit has been...

CVE-2026-0641

Totolink WA300 5.2cu.7112_B20190227 has a command-injection vulnerability in cstecgi.cgi::sub_401510 via UPLOAD_FILENAME. Remote exploit disclosed; PoC exists. Remediation: upgrade to a patched firmware; as a temporary measure, restrict access to cstecgi.cgi or disable sub_401510.

CVE-2026-0641 TOTOLINK WA300 cstecgi.cgi sub_401510 command injection

A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112B20190227. This vulnerability affects the function sub401510 of the file cstecgi.cgi. The manipulation of the argument UPLOADFILENAME leads to command injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-32304

CVE-2025-32304 : WPCHURCH (WordPress plugin)

CVE-2025-69356

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

CVE-2025-69342

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VanKarWai Calafate calafate allows PHP Local File Inclusion.This issue affects Calafate: from n/a through = 1.7.7...

CVE-2025-69083

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Frappé frappe allows PHP Local File Inclusion.This issue affects Frappé: from n/a through = 1.8...

CVE-2025-69083

CVE-2025-69083 describes an unauthenticated Local File Inclusion in the Frappé WordPress theme (Frappé

CVE-2025-69083 WordPress Frappé theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Frappé frappe allows PHP Local File Inclusion.This issue affects Frappé: from n/a through = 1.8...

CVE-2025-69083 WordPress Frappé theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Frappé frappe allows PHP Local File Inclusion.This issue affects Frappé: from n/a through = 1.8...

CVE-2025-69342 WordPress Calafate theme <= 1.7.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VanKarWai Calafate calafate allows PHP Local File Inclusion.This issue affects Calafate: from n/a through = 1.7.7...

CVE-2025-69342 WordPress Calafate theme <= 1.7.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VanKarWai Calafate calafate allows PHP Local File Inclusion.This issue affects Calafate: from n/a through = 1.7.7...

CVE-2025-69086

CVE-2025-69086 (Issabella theme) is an unauthenticated Local File Inclusion in the Issabella WordPress theme (

CVE-2025-69086 WordPress Issabella theme <= 1.1.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes Issabella issabella allows PHP Local File Inclusion.This issue affects Issabella: from n/a through = 1.1.2...