WordPress plugin FundEngine 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin eventlist 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Funnel Builder by FunnelKit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-33986 · WordPress · Radiustheme Widget For Google Reviews

Name of the Vulnerable Software and Affected Versions: RadiusTheme Widget for Google Reviews versions through 1.0.15 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for PHP Local File...

PT-2025-34009 · Tribulant · Tribulant Software Newsletters

Name of the Vulnerable Software and Affected Versions: Tribulant Software Newsletters versions not specified through 4.10 Description: The software contains an improper control of filename for include/require statement, leading to a PHP Local File Inclusion issue. Recommendations: Versions prior ...

PT-2025-33931 · Roxnor · Roxnor Fundengine

Name of the Vulnerable Software and Affected Versions: Roxnor FundEngine versions through 1.7.4 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusion...

PT-2025-34024 · Unknown · Funnelkit Funnel Builder

Name of the Vulnerable Software and Affected Versions: FunnelKit Funnel Builder versions through 3.11.1 Description: This issue involves an improper control of filename for include/require statements in PHP programs, specifically a PHP Local File Inclusion vulnerability within FunnelKit Funnel...

PT-2025-33974 · WordPress · Zoloblocks

Name of the Vulnerable Software and Affected Versions: bdthemes ZoloBlocks versions through 2.3.2 Description: An improper control of filename for include/require statement exists in bdthemes ZoloBlocks, allowing for PHP Local File Inclusion. This issue is related to a PHP Remote File Inclusion...

PT-2025-34007 · Unknown · Schiocco Support Board

Name of the Vulnerable Software and Affected Versions: Schiocco Support Board versions through 3.8.0 Description: The software contains an improper control of filename for include/require statements, leading to a PHP local file inclusion issue. Recommendations: Versions prior to 3.8.0 are affecte...

PT-2025-34098 · Undefined · Undefined

LeapFTP 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application fails to properly bound-check the input and overwrites the Structured Exception Handler SEH chain...

Linux Distros Unpatched Vulnerability : CVE-2021-43299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack overflow in PJSUA API when calling pjsuaplayercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a...

Linux Distros Unpatched Vulnerability : CVE-2021-43300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack overflow in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a...

CVE-2025-9174

A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclos...

CVE-2025-9174

A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclos...

CVE-2025-9174

The CVE describes a local OS command-injection in neurobin shc ≤ 4.0.3, caused by unsafe handling in the make function of src/shc.c (Filename Handler). Public exploit details indicate local access is required; exploitation has been disclosed. Impact includes potential compromise of confidentialit...

CVE-2025-9174 neurobin shc Filename shc.c make os command injection

A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclos...

PT-2025-33884 · Unknown · Neurobin Shc

Name of the Vulnerable Software and Affected Versions: neurobin shc versions prior to 4.0.4 Description: A vulnerability exists in neurobin shc up to version 4.0.3. This issue affects the make function within the src/shc.c file of the Filename Handler component. Manipulation of this function can...

Shell Script Compiler 命令注入漏洞

Shell Script Compiler is a Shell Script Compiler by the individual developer Md Jahidul Hamid. A command injection vulnerability exists in Shell Script Compiler version 4.0.3 and earlier, which stems from an os command injection in the file src/shc.c function make in the component Filename Handle...

Linux Distros Unpatched Vulnerability : CVE-2020-36254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685. CVE-2020-36254 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2011-10007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep encounters a crafted filename. A file handle is opened with the 2...