8788 matches found
(0Day) Microsoft Windows dir Command Improper Character Neutralization Vulnerability
This vulnerability allows remote attackers to display misleading terminal output on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
EUVD-2025-202320
Cross Site Scripting XSS vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to execute arbitrary code via the 1 config, 2 filename, or 3 extratext parameter to allskySettings.php. When the page is reloaded or when user visits allskySettings.php, the showMessages function in...
CVE-2025-65572
Cross Site Scripting XSS vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to execute arbitrary code via the 1 config, 2 filename, or 3 extratext parameter to allskySettings.php. When the page is reloaded or when user visits allskySettings.php, the showMessages function in...
EUVD-2025-202122
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster noo-jobmonster allows PHP Local File Inclusion.This issue affects Jobmonster: from n/a through = 4.8.2...
EUVD-2025-202121
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in trippleS Exhibz exhibz allows PHP Local File Inclusion.This issue affects Exhibz: from n/a through = 3.0.9...
EUVD-2025-202123
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Select Core select-core allows PHP Local File Inclusion.This issue affects Select Core: from n/a through 2.6...
EUVD-2025-201938
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dream-Theme The7 dt-the7 allows PHP Local File Inclusion.This issue affects The7: from n/a through = 12.8.0.2...
CVE-2025-67528
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Urna urna allows PHP Local File Inclusion.This issue affects Urna: from n/a through = 2.5.12...
CVE-2025-67522
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in NooTheme Jobmonster noo-jobmonster allows PHP Local File Inclusion.This issue affects Jobmonster: from n/a through = 4.8.2...
CVE-2025-67515
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wilmër wilmer allows PHP Local File Inclusion.This issue affects Wilmër: from n/a through 3.5...
CVE-2025-63062
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AndonDesign UDesign Core u-design-core allows PHP Local File Inclusion.This issue affects UDesign Core: from n/a through = 4.14.0...
CVE-2025-63076 WordPress The7 Elements plugin <= 2.7.11 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dream-Theme The7 Elements dt-the7-core allows PHP Local File Inclusion.This issue affects The7 Elements: from n/a through = 2.7.11...
CVE-2025-63076 WordPress The7 Elements plugin <= 2.7.11 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dream-Theme The7 Elements dt-the7-core allows PHP Local File Inclusion.This issue affects The7 Elements: from n/a through = 2.7.11...
CVE-2025-63074 WordPress The7 theme < 12.8.1.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dream-Theme The7 dt-the7 allows PHP Local File Inclusion.This issue affects The7: from n/a through 12.8.1.1...
CVE-2025-63074
CVE-2025-63074 affects WordPress/The7 theme (Dream-Theme The7 dt-the7) with an Improper filename control leading to PHP Local File Inclusion. Vulnerable when using The7 versions up to and including 12.8.0.2; CVSS v3.1 base score 7.5 (High) with network access, high impact to confidentiality, inte...
CVE-2025-63062
CVE-2025-63062 affects the WordPress UDesign Core plugin (≤ 4.14.0). The issue is an improper control of filenames for PHP include/require statements, leading to PHP Local File Inclusion (LFI) in u-design-core. Documents describe it as a PHP Remote File Inclusion vulnerability that actually permi...
CVE-2025-63062 WordPress UDesign Core plugin <= 4.14.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AndonDesign UDesign Core u-design-core allows PHP Local File Inclusion.This issue affects UDesign Core: from n/a through = 4.14.0...
CVE-2025-63062 WordPress UDesign Core plugin <= 4.14.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AndonDesign UDesign Core u-design-core allows PHP Local File Inclusion.This issue affects UDesign Core: from n/a through = 4.14.0...
CVE-2025-63036
CVE-2025-63036 affects the WordPress Ronneby Theme Core plugin (
CVE-2025-67532
CVE-2025-67532 affects Hara WordPress Theme